CAINE (Computer Aided INvestigative Environment) – Digital Forensics LiveCD

The New Acunetix V12 Engine


CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.

The main design objectives that CAINE aims to guarantee are the following:

  • an interoperable environment that supports the digital investigator during the four phases of the digital investigation
  • a user friendly graphical interface
  • a semi-automated compilation of the final report

New Features/Tools

  • New NAUTILUS SCripts
  • ataraw
  • bloom
  • fiwalk
  • xnview
  • NOMODESET in starting menu
  • xmount
  • sshfs
  • Reporting by Caine Interface fixed
  • xmount-gui
  • nbtempo
  • fileinfo
  • TSK_Gui
  • Raid utils e bridge utils
  • SMBFS
  • BBT.py
  • Widows Side:
  • Wintaylor updated & upgraded

“rbfstab” is a utility that is activated during boot or when a device is plugged. It writes read-only entries to /etc/fstab so devices are safely mounted for forensic imaging/examination. It is self installing with ‘rbfstab -i’ and can be disabled with ‘rbfstab -r’. It contains many improvements over past rebuildfstab incarnations. Rebuildfstab is a traditional means for read-only mounting in forensics-orient distributions.

“mounter” is a GUI mounting tool that sits in the system tray. Left clicking the system tray drive icon activates a window where the user can select devices to mount or un-mount. With rbfstab activated, all devices, except those with volume label “RBFSTAB”, are mounted read-only. Mounting of block devices in Nautilus (file browser) is not possible for a normal user with rbfstab activated making mounter a consistent interface for users.

You can download CAINE 2.5/Supernova here:

caine2.5.iso

Or read more here.

Posted in: Forensics, Hacking Tools, Linux Hacking

, , , , , ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


One Response to CAINE (Computer Aided INvestigative Environment) – Digital Forensics LiveCD

  1. Bogwitch October 14, 2011 at 11:07 pm #

    Looks quite promising.
    the use of a software write blocker is an improvement over many forensic investigation distros I’ve seen but I would be reluctant to do any processing that may end up as court evidence without a hardware write blocker!
    Very disappointingly, there does not appear (from the developers site) to be any facility to create disk images to analyse, relying on the evidential media instead – a dangerous strategy! Also, there does not seem to be a case management tool.
    Finally, I do like the idea of automated reports, even semi-automated. I hate writing reports and forensic reports are as dry as they come.
    I think this distro would be useful for ‘on the spot’ forensics, initial investigation type of thing. I guess i’ll have to give it a test in it’s installed state to see what it’s true capabilities are.