DEFT For Linux

DEFT stands for Digital Evidence and Forensic Toolkit and it's an open source distribution of Linux built around the DART (Digital Advanced Response Toolkit) software and based on the Ubuntu operating system.

It has been designed from the ground up to offer some of the best open source computer forensics and incident response tools that can be used by individuals, IT auditors, investigators, military, and police.

However, the distro's strongest point is the huge collection of computer forensic tools that have their own entry in the operating system's main menu, called DEFT. The applications are organized into specific categories, including analysis, antimalware, data recovery, hashing, imaging, mobile forensics, network forensics, OSINT, password recovery, and reporting tools.

The project is distributed as a single Live DVD ISO image that can be easily written to a blank or RW DVD disc, as well as deployed onto a USB flash drive. Supported architectures include both 32-bit and 64-bit hardware platforms.

It includes support for three languages, English, Spanish and Italian, selectable from the boot prompt of the Live DVD ISO image, which can also be used for installing the operating system on a disk drive, boot an existing OS, or run a memory diagnostic test.

The distribution can be started in graphical mode or in text mode. It uses the lightweight LXDE desktop environment and includes popular applications like Google Chrome and Mozilla Firefox web browsers, Transmission BitTorrent client, Pidgin instant messenger, VLC Media Player, LibreOffice office suite, and Audacious audio player.

Also included are the Midnight Commander two-panel and PCManFM file managers, GParted disk partitioning tool, Disks disk management utility, and a mount manager software.

In conclusion, DEFT is a lightweight, fast and easy-to-use Ubuntu/Lubuntu-based Linux distribution designed to help you to recover data from damaged drives and broken operating systems.