- CAINE Linux Distribution Helps Investigators With Forensic Analysis
- CAINE Can Be Used as a Live System
- The MATE Linux Desktop Is the Default
- Memory, Database, Mobile and Network Forensics Tools Are Included
- Analyze Memory With the Volatility Memory Forensics Analysis Platform
- Inception Is a Memory Manipulation Tool
- Mobile Forensics Tools Include an iOS Backup Analyzer
- Autopsy Provides Forensic Browsing Capabilities
- Data Recovery Is a Key Part of Forensic Investigations
- Guymager Captures Forensic Images
- Network Forensics Is Enabled With Wireshark
CAINE Linux Distribution Helps Investigators With Forensic Analysis
by Sean Michael Kerner
CAINE Can Be Used as a Live System
For cases where an operating system cannot be installed onto a machine, CAINE can be run as a live system directly for a CD or USB device.
The MATE Linux Desktop Is the Default
CAINE 6 uses the MATE desktop environment, providing users with main operating system navigation items along the bottom of the screen.
Memory, Database, Mobile and Network Forensics Tools Are Included
Forensic investigations typically involve multiple forms of analysis and data collection. To that end, CAINE 6 includes multiple sets of tools to assist investigators with memory, mobile and network forensics as well as database analysis.
Analyze Memory With the Volatility Memory Forensics Analysis Platform
The Volatility Memory Forensics Analysis Platform included in CAINE 6 enables users to examine system memory.
Inception Is a Memory Manipulation Tool
Different types of investigations sometime require investigators to be able to manipulate physical memory, which is where the Inception tool comes into play.
Mobile Forensics Tools Include an iOS Backup Analyzer
CAINE 6 includes the iP Backup Analyzer 2.0, which is an open-source tool for Apple iOS backup data analysis.
Autopsy Provides Forensic Browsing Capabilities
Autopsy is a forensic browsing tool to help investigators find out what happened on a given system.
Data Recovery Is a Key Part of Forensic Investigations
In many types of forensic investigations, there is a need to recover data. CAINE 6 includes the PhotoRec data recovery utility to help investigators get data back.
Guymager Captures Forensic Images
The Guymager application in CAINE 6 enables researchers to grab a data image of a target device or hard drive location.
Network Forensics Is Enabled With Wireshark
Network analysis is a key part of many forensic investigations. The open-source Wireshark application is a network packet sniffer that can collect packets for protocol analysis.