Helix 2008R1

Helix is a customized distribution of the Knoppix Live Linux CD.
Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD.

With Helix you can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Helix has been modified very carefully to NOT touch the host computer in any way and it is forensically sound. Helix wil not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.

Helix focuses on Incident Response & Forensics tools. It is meant to be used by individuals who have a sound understanding of Incident Response and Forensic techniques.

Here are some key features of "Helix":

Incident Response / Forensics Tools:

� sleuthkit 1.73 : Brian Carrier's replacement to TCT.
� autopsy 2.03 : Web front-end to sleuthkit.
� mac-robber 1.0 : TCT's graverobber written in C.
� fenris .07 : debugging, tracing, decompiling.
� wipe 0.20-1 : Secure file deletion.
� MAC_Grab : e-fense MAC time utility.
� GRAB 1.2.2 : e-fense Forensic Acquisition Utility.
� foremost 0.69 : Carve files based on header and footer.
� fatback 1.3 : Analyze and recover deleted FAT files.
� md5deep 1.2 : Recursive md5sum with db lookups.
� sha15deep 1.2 : Recursive sha1sum with db lookups.
� dcfldd 1.0 : dd replacement from the DCFL.
� sdd 1.31-3 : Specialized dd w/better preformance.
� PyFLAG 0.74 : Forensic and Log Analysis GUI.
� Faust 1.13 : Analyze elf binaries and bash scripts.
� e2recover 1.0 : Recover deleted files in ext2 file systems.
� Pasco 1.0 : Forensic tool for Internet Explorer Analysis.
� Galleta 1.0 : Cookie analyzer for Internet Explorer.
� Rifiuti 1.0 : "Recycle BIN" analyzer.
� Bmap 1.0.20 : Detect & Recover data in used slackspace.
� Ftimes 3.4.0 : A toolset for forensic data acquisition.
� chkrootkit 0.44-2 : Look for rootkits.
� rkhunter 1.2.0 : Rootkit hunter.
� ChaosReader 0.94 : Trace tcpdump files and extract data.
� lshw A.01.07 : Hardware Lister.
� logsh : Log your terminal session (Borrowed from FIRE).
� ClamAV 0.80.1 : ClamAV Anti Virus Scanner.
� F-Prot : F-Prot Anti Virus Scanner.
� 2 Hash 0.2 : MD5 & SHA1 parallel hashing.
� glimpse 4.18.0 : Indexing and query system.
� Outguess 0.2-5 : Stego detection suite.
� Stegdetect 0.5-6 : Stego detection suite.
� Regviewer : Windows Registry viewer.
� Chntpw : Change Windows passwords.
� Grepmail 5.3030 : Grep through mailboxes.
� logfinder 0.1 : EFF logfinder utility.
� Retriever 1.0 : Find pics/movies/docs/web-mail.

Network Utilities:

� LinNeighboorhood 0.6.5-3 : Linux network neighborhood.
� ntop 3.0-3 : Network top, protocol analyzer.
� iptraf 2.7.0-5 : Network monitor.
� arping 2.01-3 : Ping hosts by MAC.
� arpwatch 2.1a13-1 : Another arp tool.
� macchanger 1.4.0-1 : Change MAC addr.
� mtr 0.58-1 : X11 traceroute.
� samba 3.0.5-1 : File and print services.

Servers:

� sshd 3.8p1 : Secure encrypted communications.
� vnc 3.3.7-1 : Virtual Network Computing.
� freenx : SSH based Virtual Network Computing.
� netcat 1.10 : Read and write data across network.
� cryptcat 1.10 : Encrypted netcat.

Packet Sniffers and Assemblers:

� ethereal 0.10.6-1 : Network traffic analyzer.
� ettercap 0.7.0-1 : Sniff on a switched network and more.
� ngrep 1.42-1 : Network grep.
� tcpdump 3.8.3-3 : The network dump program.
� tcpreplay 2.2.2-1 : Replay tcpdump or snoop captures.
� dsniff 2.4b1-6 : Doug Songs wonderful sniffing utilities.
� ipgrab 0.9.9-1 : Pen Register, only gets TCP Header.
� TcpTrack 1.1.3-1 : Sniffer for TCP connections.
� Sguil 0.5.3 : Sguil Client.

Vulnerability Assessment:

� nessus 2.0.10a-6 : Vulnerability scanner.
� nasl : Command line to nessus.
� nmap 3.55-1 : Network port mapper.
� hping2 2.rc3-3 : Port scanner, host enumerator, etc.

Wireless Tools:

� aircrack 1.4 : Better WEP crack than Airsnort.
� airsnort 0.2.4a-1 : WLAN Sniffer, crack WEP.
� airtraf 1.1 : Another wireless locator tool.
� kismet 2004.04.R1-5 : The best 802.11x monitoring tool.
� kismet log viewer 0.9.7 : Log management program.
� macchanger 1.5.0-1 : Change your MAC address.
� gpsd 2.09-1 : GPS Daemon.
� Misc : Other wireless information.

last updated on:
September 23rd, 2008, 5:32 GMT
price:
FREE!
developed by:
e-fense
homepage:
www.e-fense.com
license type:
GPL (GNU General Public License) 
category:
ROOT \ Linux Distributions

FREE!

In a hurry? Add it to your Download Basket!

user rating 36

3.4/5
 

0/5

Rate it!
What's New in This Release:
  • This is a major update to the bootable side of Helix, as it is based on Ubuntu rather than KNOPPIX. There are a number of other changes: Guidance Software Linen v6.11.2.2; AFFLIB 3.3.3 - open and extensible file format designed to store disk images and associated metadata; aimage 3.1.0 - advanced disk imaging tool; Autopsy 2.08 - GUI front-end to Sleuth Kit tools; Sleuth Kit 2.52 - open source digital investigation forensic tools; chkrootkit v0.47 - determine whether system is infected with a rootkit; chntpw 0.99.3 - utility to overwrite Windows SAM passwords....
read full changelog

Add your review! 1 USER REVIEW SO FAR

SUBMIT