CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.
The main design objectives that CAINE aims to guarantee are the following:
- an interoperable environment that supports the digital investigator during the four phases of the digital investigation
- a user friendly graphical interface
- a semi-automated compilation of the final report
- New NAUTILUS SCripts
- NOMODESET in starting menu
- Reporting by Caine Interface fixed
- Raid utils e bridge utils
- Widows Side:
- Wintaylor updated & upgraded
“rbfstab” is a utility that is activated during boot or when a device is plugged. It writes read-only entries to /etc/fstab so devices are safely mounted for forensic imaging/examination. It is self installing with ‘rbfstab -i’ and can be disabled with ‘rbfstab -r’. It contains many improvements over past rebuildfstab incarnations. Rebuildfstab is a traditional means for read-only mounting in forensics-orient distributions.
“mounter” is a GUI mounting tool that sits in the system tray. Left clicking the system tray drive icon activates a window where the user can select devices to mount or un-mount. With rbfstab activated, all devices, except those with volume label “RBFSTAB”, are mounted read-only. Mounting of block devices in Nautilus (file browser) is not possible for a normal user with rbfstab activated making mounter a consistent interface for users.
You can download CAINE 2.5/Supernova here:
Or read more here.
- DAMM – Differential Analysis of Malware in Memory
- Malheur – Automatic Malware Analysis Tool
- LiME – Linux Memory Extractor
- Katana v2 (y0jimb0) – Portable Multi-Boot Security Suite
- raWPacket HeX – Network Security Monitoring & Analysis LiveCD
- PlainSight – Open Source Computer Forensics LiveCD
Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,134 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 32,845 views
- sslsniff v0.6 Released – SSL MITM Tool - 27,126 views