1. CAINE Linux Distribution Helps Investigators With Forensic Analysis
by Sean Michael Kerner
2. CAINE Can Be Used as a Live System
For cases where an operating system cannot be installed onto a machine, CAINE can be run as a live system directly from a CD or USB device.
3. The MATE Linux Desktop Is the Default
CAINE 6 uses the MATE desktop environment, providing users with main operating system navigation items along the bottom of the screen.
4. Memory, Database, Mobile and Network Forensics Tools Are Included
Forensic investigations typically involve multiple forms of analysis and data collection. To that end, CAINE 6 includes multiple sets of tools to assist investigators with memory, mobile and network forensics as well as database analysis.
5. Analyze Memory With the Volatility Memory Forensics Analysis Platform
The Volatility Memory Forensics Analysis Platform included in CAINE 6 enables users to examine system memory.
6. Inception Is a Memory Manipulation Tool
Different types of investigations sometimes require investigators to be able to manipulate physical memory, which is where the Inception tool comes into play.
7. Mobile Forensics Tools Include an iOS Backup Analyzer
CAINE 6 includes the iP Backup Analyzer 2.0, which is an open-source tool for Apple iOS backup data analysis.
8. Autopsy Provides Forensic Browsing Capabilities
Autopsy is a forensic browsing tool to help investigators find out what happened on a given system.
9. Data Recovery Is a Key Part of Forensic Investigations
In many types of forensic investigations, there is a need to recover data. CAINE 6 includes the PhotoRec data recovery utility to help investigators get data back.
10. Guymager Captures Forensic Images
The Guymager application in CAINE 6 enables researchers to grab a data image of a target device or hard drive location.
11. Network Forensics Is Enabled With Wireshark
Network analysis is a key part of many forensic investigations. The open-source Wireshark application is a network packet sniffer that can collect packets for protocol analysis.