Skip to content

Overview

Ubuntu is a Linux distribution, using Unity as the default desktop environment. It is based on Debian, which is another Linux distribution. Since it is widely used, many forensic tools function on it. Some teams have built forensic workstations on top of it.

Forensic Integration

The SANS Incident Forensic Toolkit (SIFT) was built on top of Ubuntu. It has many tools preinstalled on it including:

The Sleuth Kit Wireshark HexEditor Pasco md5deep ssdeep Volatility Framework

See Also

External links