Most Popular New & Updated Top Rated Search Authors Contact Us

Linux Software › System › Operating Systems Linux Distri › Helix 1.2

Helix 1.2

Helix is a customized distribution of the Knoppix Live Linux CD

Developer:	e-fense more software by author →
Price:	0.00
License:	GPL (GNU General Public License)
File size:	715154K
Language:
OS:
Rating:	0 /5 (0 votes)
Your vote:
enlarge screenshot

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD.

With Helix you can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Helix has been modified very carefully to NOT touch the host computer in any way and it is forensically sound. Helix wil not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.

Helix focuses on Incident Response & Forensics tools. It is meant to be used by individuals who have a sound understanding of Incident Response and Forensic techniques.

Here are some key features of "Helix":
Incident Response / Forensics Tools:

sleuthkit 1.73 : Brian Carrier's replacement to TCT.

autopsy 2.03 : Web front-end to sleuthkit.

mac-robber 1.0 : TCT's graverobber written in C.

fenris .07 : debugging, tracing, decompiling.

wipe 0.20-1 : Secure file deletion.

MAC_Grab : e-fense MAC time utility.

GRAB 1.2.2 : e-fense Forensic Acquisition Utility.

foremost 0.69 : Carve files based on header and footer.

fatback 1.3 : Analyze and recover deleted FAT files.

md5deep 1.2 : Recursive md5sum with db lookups.

sha15deep 1.2 : Recursive sha1sum with db lookups.

dcfldd 1.0 : dd replacement from the DCFL.

sdd 1.31-3 : Specialized dd w/better preformance.

PyFLAG 0.74 : Forensic and Log Analysis GUI.

Faust 1.13 : Analyze elf binaries and bash scripts.

e2recover 1.0 : Recover deleted files in ext2 file systems.

Pasco 1.0 : Forensic tool for Internet Explorer Analysis.

Galleta 1.0 : Cookie analyzer for Internet Explorer.

Rifiuti 1.0 : "Recycle BIN" analyzer.

Bmap 1.0.20 : Detect & Recover data in used slackspace.

Ftimes 3.4.0 : A toolset for forensic data acquisition.

chkrootkit 0.44-2 : Look for rootkits.

rkhunter 1.2.0 : Rootkit hunter.

ChaosReader 0.94 : Trace tcpdump files and extract data.

lshw A.01.07 : Hardware Lister.

logsh : Log your terminal session (Borrowed from FIRE).

ClamAV 0.80.1 : ClamAV Anti Virus Scanner.

F-Prot : F-Prot Anti Virus Scanner.

2 Hash 0.2 : MD5 & SHA1 parallel hashing.

glimpse 4.18.0 : Indexing and query system.

Outguess 0.2-5 : Stego detection suite.

Stegdetect 0.5-6 : Stego detection suite.

Regviewer : Windows Registry viewer.

Chntpw : Change Windows passwords.

Grepmail 5.3030 : Grep through mailboxes.

logfinder 0.1 : EFF logfinder utility.

Retriever 1.0 : Find pics/movies/docs/web-mail.

Network Utilities:

LinNeighboorhood 0.6.5-3 : Linux network neighborhood.

ntop 3.0-3 : Network top, protocol analyzer.

iptraf 2.7.0-5 : Network monitor.

arping 2.01-3 : Ping hosts by MAC.

arpwatch 2.1a13-1 : Another arp tool.

macchanger 1.4.0-1 : Change MAC addr.

mtr 0.58-1 : X11 traceroute.

samba 3.0.5-1 : File and print services.

Servers:

sshd 3.8p1 : Secure encrypted communications.

vnc 3.3.7-1 : Virtual Network Computing.

freenx : SSH based Virtual Network Computing.

netcat 1.10 : Read and write data across network.

cryptcat 1.10 : Encrypted netcat.

Packet Sniffers and Assemblers:

ethereal 0.10.6-1 : Network traffic analyzer.

ettercap 0.7.0-1 : Sniff on a switched network and more.

ngrep 1.42-1 : Network grep.

tcpdump 3.8.3-3 : The network dump program.

tcpreplay 2.2.2-1 : Replay tcpdump or snoop captures.

dsniff 2.4b1-6 : Doug Songs wonderful sniffing utilities.

ipgrab 0.9.9-1 : Pen Register, only gets TCP Header.

TcpTrack 1.1.3-1 : Sniffer for TCP connections.

Sguil 0.5.3 : Sguil Client.

Vulnerability Assessment:

nessus 2.0.10a-6 : Vulnerability scanner.

nasl : Command line to nessus.

nmap 3.55-1 : Network port mapper.

hping2 2.rc3-3 : Port scanner, host enumerator, etc.

Wireless Tools:

aircrack 1.4 : Better WEP crack than Airsnort.

airsnort 0.2.4a-1 : WLAN Sniffer, crack WEP.

airtraf 1.1 : Another wireless locator tool.

kismet 2004.04.R1-5 : The best 802.11x monitoring tool.

kismet log viewer 0.9.7 : Log management program.

macchanger 1.5.0-1 : Change your MAC address.

gpsd 2.09-1 : GPS Daemon.

Misc : Other wireless information.

What's New in This Release:

Fixed Helix Mount code for journaled file systems. Helix will NO longer change the journal mount count when you mount a journaled file system.

Updated md5deep suite to 1.12

Updated Clamav to 0.88.2

Updated Sleuthkit to 2.06

Updated Autopsy to 2.08

Updated Foremost to 1.3

Updated Scalpel 1.54 to carve data

Updated EnCase Linen to 5.05f

Updated Adepto 2.0With AFF support now

Added endeavour2 file manager

Added ssdeep 1.0 for fuzy hashing

Added AFFlib 1.6.31 for image acquisition

Added NTFS-3G for native NTFS write support

Added libewf library

Added ptfinder memory analysis code from Andreas Schuster

Removed Solaris static binaries from CD

Replaced evince with xpdf
tags

incident response response and detection suite stego detection virus scanner virtual network tool kismet journaled file anti virus network computing for internet auto mount forensics helix

Download Helix 1.2

http://www.phelios.net/files/pc/helixdemo.exe

Authors software

Helix 1.2 (by e-fense)
Helix is a customized distribution of the Knoppix Live Linux CD

Similar software

Helix 1.2 (by e-fense)
Helix is a customized distribution of the Knoppix Live Linux CD

FIRE 0.4a (by William Salusky)
FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis

INSERT 1.3.8a (by Matthias Mikuletz)
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis syste

Knoppix STD 0.1 (by Knoppix-STD Team)
STD is a Linux-based Security Tool

FCCU GNU/Linux Forensic Boot CD 11.0 (by Christophe Monniez)

Knopperdisk 0.3.1 (by Knopperdisk Team)
The USB version is more than just a rescue disk

Helix Player 1.0.8 GOLD (by Vikram Dendi)
Helix Player is an audio and video player based on the Helix DNA Client engine

FIRST LIVE 1.2.0 (by FIRST Development Team)
FIRST LIVE primarily it is to assist law enforcement agencies and its officer to combat cyber terrorism and other malicious activitie

Hakin9 Live 2.9.1 (by Hakin9 Live Team)
Hakin9 Live distro is a bootable distribution (based on Aurox Live) which contains hacking, security, and network diagnostic tools.

Tvark 0.4 (by Fenris)
Tvark is a network monitoring tool (sniffer) with a GUI front-end, and is tied to a MySQL database

Other software in this category

Red Hat Linux 9 (by Red Hat, Inc.)
Red Hat Linux is probably the best-known Linux distribution

Fedora Core 6 (by Red Hat, Inc.)
Fedora Core is now available from Red Hat and at distinguished mirror sites near you, and is also available in the torrent.

Fedora

SUSE LINUX Professional 9.3 (by Novell, Inc.)
SUSE LINUX Professional 9.3 from Novell provides everything today's Linux user needs for home computing and computing-on-the-go.

J

Slackware 11.0 (by Slackware Project Team)
Slackware Linux is a complete 32-bit multitasking "UNIX-like" system.i It's currently based around the 2.4 Linux kernel series and th

Mandrake 10.1 Official (by MandrakeSoft)
Mandrakelinux 10.1 Official is the branch of the operating system dedicated to those who want an advanced and well-stabilized Linux s