CyberPack

A set of distributions to help in the investigation of computer crimes.


CyberPack (IRF)


Creating an image (dump) of computer memory (RAM).

(Image RAM to File)

When investigating information security incidents, experts sometimes find that passwords and other information needed for successful authentication or identification are not available in plain form and are held only in memory.
When the computer is turned off, such information may be lost forever...
But there is still a chance to get it.
When the operating system is restarted with the Ctrl-Alt-Del key combination (a so-called "soft reset"), the computer does not thoroughly clear its RAM, so the probability of losing the information sought is significantly reduced and the chance of recovering it increases.
This distribution is intended precisely for creating an image (dump) of RAM after the operating system is restarted. With it you can create an exact image (dump) of memory, except for the 115 MB of RAM that the distribution itself occupies when loading.
The resulting image (dump) of RAM can be written to an external medium and its contents analyzed later, either independently or with the tools of Ubuntu CyberPack (WCP).

Details about the system:
✔ The system works only in Live mode, with no option to install it;
✔ Its entire functionality is saving a dump of RAM of any size;
✔ Two methods of taking the dump are provided;
✔ Works only in the console.

A detailed description of this distribution can be found on our forum
or in the application "More than USER" v.14.02

Leave your comments and suggestions on this distro here

Download the ISO-image distribution


Ubuntu CyberPack (ALF) 1.0


(Analysis, Logging operations and Forensics tools).

A specialized forensic system designed for recording digital evidence in the investigation of computer crimes.
It includes tools for the primary operations of forensic analysis, such as:
✔ searching for and recording hidden and deleted data on media;
✔ gathering evidence that a PC was used to commit offenses;
✔ analysis and recording of offenses (logging of all actions taken during the examination, with verification of the data being analyzed or studied);
as well as taking digital copies of the objects under study for further detailed analysis with the tools of Ubuntu CyberPack (WCP).
The objects of these actions may be: data media (and their contents, such as files or partitions), web resources, network traffic, etc.

Details about the system:
✔ The system works only in Live mode, with no option to install it;
✔ Supports most file systems: ext2/3/4, NTFS, FAT/32, VFAT, exFAT, XFS, BtrFS, UFS, ReiserFS/4, HFS/+, ZFS, etc.;
✔ Detects and lets you work with partitions: RAID, LVM, etc.;
✔ The device under examination is mounted "read-only" by default; it can be switched to "write";
✔ Built on the lightweight LXDE graphical environment. Included languages: Russian, Ukrainian, English;
✔ Allows you to view and listen to content (documents, multimedia files);
✔ Includes a tool for analyzing disks for destroyed files.

It also contains:
Graphical utilities:
ClamTk - graphical front end for the ClamAV antivirus
Disk Utility, GParted - working with partitions on media
GTKHash - file checksums
TrueCrypt - working with encrypted containers and partitions
EtherApe - visual display of the network
Wireshark - network traffic analyzer
Zenmap - network scanner
GHex - hex editor
VokoScreen - video recording of the monitor screen
Guymager - forensic imager for media acquisition
LVM manager - viewing LVM partitions
R-Studio - analysis of disks for destroyed files
Network Tool - ping, netstat, traceroute, port scan, lookup, finger, whois
Search Tool - file search
Gufw - firewall
Kismet - Wi-Fi monitor
Lshw-GTK - detailed information about the computer
NetworkManager - with VNC, PPTP (VPN) and OpenVPN enabled
Galculator - handy calculator
Gedit - working with text files (supports UTF-8, CP1251 and other encodings)
GPicView - image viewer
Xfburn - disc burning
LibreOffice (Writer - Calc - Draw - Impress) - working with office documents
Firefox - web browser (includes HttpFox)
Remmina - client for connecting over the RDP, SSH, SFTP and VNC protocols
Evince - viewing documents in various formats
Gnome-MPlayer - multimedia player
PeaZip - working with many types of archives
✔ ettercap - multipurpose sniffer/interceptor/logger for switched LAN
✔ macchanger - utility for working with MAC addresses of network interfaces
✔ hydra - very fast network logon cracker

Command-line utilities:
Network tools: tcpdump, netstat, iftop, nload, nmap, netdiscover, wget
Working with partitions, disks and files: testdisk, photorec, ddrescue, dd_rescue, clamav, mc
Cracking and guessing Windows passwords: chntpw, ophcrack
lshw - information about hardware
galleta - analysis of Internet Explorer cookies
grokevt - reading the Windows event log
✔ aircrack - utilities for cracking WEP/WPA wireless networks
✔ sslscan - fast SSL scanner
✔ sslsniff - utility for man-in-the-middle attacks on SSL/TLS
✔ sslstrip - utility for man-in-the-middle attacks on SSL/TLS

A detailed description of this distribution can be found on our forum
or in the magazine UserAndLINUX v.14.05

Leave your comments and suggestions on this distro here

Download the ISO-image distribution


CyberPack...

Three more distributions are under development:

- (DPA) Data Processing and Analysis
processing and analysis of the acquired data
✔ Utility for analyzing a memory dump obtained with Ubuntu CyberPack (IRF)
In development... (expected release: September 2014)

- (WO) Workplace Officer
a distribution for everyday work
In development... (expected release: September 2014)

- Information gathering
In development... (expected release: September 2014)