DEFT – Digital Evidence and Forensic Toolkit
While performing computer forensics, it is important that the software being used is able to ensure the integrity of file structures. It should also be able to analyze the system being investigated without any alteration, deletion, or change to the data.
DEFT is designed for forensics and is based on Lubuntu, which is itself based on Ubuntu.
Getting ready
DEFT can be downloaded from this link:
http://www.deftlinux.net/download/
Once downloaded, we can burn the image file on CD/DVD media or create a live bootable USB media.
How to do it...
To use DEFT, we need to get an overview of what is included in the OS:
Once we boot DEFT CD/DVD or USB media, we get the boot screen. Firstly, we need to select the language. Once done, we can choose to either run DEFT live, or else we can install DEFT on our system.
In our example, we have chosen to boot DEFT live. Once booting completes, we get the home screen of DEFT.
Now, let's understand the different tools available...
