Helix3 is a Live CD built on top of Ubuntu. It focuses on incident response and computer forensics.
According to Helix3 Support Forum, e-fense is no longer planning on updating the free version of Helix.
Tools Included
- Live side for Mac OS X, Windows and Linux
- A bootable forensically sound environment based on Ubuntu
Open source forensic tools include:
- dc3dd
- aimage
- The Sleuth Kit (3.0.1, with “light” version of Autopsy, with libewf support)
- foremost
- Volatility
- Several tools for mobile phone forensics
Other tools include:
Forensic Issues
- Helix3 Pro can automount some storage devices like firewire devices and MMC in read/write mode;
- Helix3 Pro relies on file system drivers to provide write protection, mounting some file system types (e.g. XFS) will result in several data writes to the original media.
See Also
Free version: Helix3