CyberPack

Distributions set to help in the investigation of computer crimes.

CyberPack (IRF)

Creating an image (dump) of computer memory (RAM).
(Image RAM to File)

In the investigation of information security incidents, experts are sometimes faced with the fact that the passwords and other information necessary for successful authentication or identification is not available in the open form and stored in memory.
When you turn off your computer, such information may be lost forever ...
But still have a chance to get it.
When you restart the operating system using a combination of Ctrl-Alt-Del (the so-called "soft reset"), the computer does not conduct a thorough cleaning RAM, and the probability of loss of information sought is significantly reduced, and thus increases the chance to get it.
Just to create an image (dump) of RAM when you restart the operating system and the distribution is intended. With it you can create an exact image (dump) memory except 115 MB of RAM, which should take that distribution when loading.
The resulting image (dump) of RAM can be written to an external medium and further analyze its contents both individually and through instrumentation Ubuntu CyberPack (WCP).

Details about the system:
✔The system only works in Live-mode without the possibility of installation;
✔All functionality - is the preservation dump any amount of RAM;
✔Presents two methods for the dump;
✔Work only in the console.

With a detailed description of this distribution can be found on our forum
or application "More than USER" v.14.02

Leave your comments and suggestions on this distro here

Download the ISO-image distribution

CyberPack (ALF)

(Analysis, Logging operations and Forensics tools).

Forensic-specialized system designed for fixation and digital evidence in the investigation of computer crimes.
It includes tools for forensic analysis of the primary operations such as:
✔search, fixing hidden and deleted data on the media;
✔gathering evidence on the use of the PC for the commission of offenses;
✔analysis and recording of offenses (logging of all actions under examination with verification of the data analysis or research);
as well as the removal of digital copies of the objects of study for further detailed analysis using tools Ubuntu CyberPack (WCP).
The objects of these actions may be: data media (and their contents, such as files or partitions), web resources, network traffic, etc.

Details about the system:
✔The system only works in Live-mode without the possibility of installation;
✔Supports most file systems : ext2/3/4, NTFS, FAT/32, VFAT, exFAT, XFS, BtrFS, UFS, ReiserFS/4, HFS/+, ZFS and etc.;
✔Detects and allows you to work with partitions : RAID, LVM and etc.;
✔The test device installed by default in the "read-only", you can switch to "write";
✔Built on an easy graphical environment LXDE. Included languages: Russian, Ukrainian, English;
✔Allows you to view and listen to content (documents, multimedia files);
✔Includes tool for analyzing the disc is destroyed files.

With a detailed description of this distribution can be found on our forum
or magazine UserAndLINUX v.14.05

Leave your comments and suggestions on this distro here

Download the ISO-image distribution

CyberPack...

в стадии разработки еще 3-и дистрибутива:

- (DPA) Data Processing and Analysis
обработка и анализ полученных данных
✔ Утилита анализа дампа памяти полученного при помощи Ubuntu CyberPack (IRF)
В разработке... (ожидаемое время выхода сентябрь 2014)

- (WO) Workplace Officer
дистрибутив для повседневной работы
В разработке... (ожидаемое время выхода сентябрь 2014)

- Добытие информации
В разработке... (ожидаемое время выхода сентябрь 2014)