CAINE (Computer Aided INvestigative Environment) is a GNU/Linux Live CD distribution.

The project does not aim to propose “yet another forensic tool” or a framework for collecting open source programs, because many forensic distributions already exist (e.g., Helix, FCCU, Deft). The CAINE forensic framework contains a collection of tools wrapped up into a user friendly environment. Furthermore introduces novel important features; it aims to fill the interoperability gap across different forensic tools, it provides a homogeneous GUI that guides digital investigators during the acquisition and analysis of electronic evidence, and it offers a semi-automatic process for the documentation and report compilation.

The CAINE distribution offers all the main commodities of a typical Ubuntu desktop: easy-to-use environment, highly customizable architecture, reliable interfaces and a enhanced packed-oriented software distribution system.
The GNOME desktop offers a well known and efficient graphical environment to the digital investigator.

The installation process is automatable and is implemented through a series of shell scripts.

The wrapper is written in Perl and manages the forensic process from the digital evidence collection to the semi-automatic report compilation. It is embedded into a customized Linux-based operating system, that is built from the standard version of Ubuntu Linux 10.04.

The operating system was modified from a minimal Ubuntu installation for a twofold use: it can be booted into a PC under investigation as a liveCD; it can be installed into a forensic laboratory PC as a permanent operating system. After the installation of all accessory modules, the liveCD distribution is created through a reliable backup program (Remastersys) that automatically builds up a live distribution from the installed Ubuntu version and stored files.


Product's homepage

Here are some key features of "CAINE":

· Interoperable environment that supports the digital investigator during the entire analysis process.
· Caine Interface, a user friendly GUI.
· Ubuntu-like easy installation on a forensic workstation.
· Semi-automated compilation of the final report.

What's New in This Release: [ read full changelog ]

· New NAUTILUS SCripts
· ataraw
· bloom
· fiwalk
· xnview
· NOMODESET in starting menu
· xmount
· sshfs
· Reporting by Caine Interface fixed
· xmount-gui
· nbtempo
· fileinfo
· TSK_Gui
· Raid utils e bridge utils
· SMBFS
· BBT.py