New Debian 9 Stretch Introduced For Computer Forensic Analysis Tool

Debian developer Michael “mika” Prokop has announced that, thanks to the Debian Forensics team, a number of forensic analysis tools will be included and maintained along with their dependencies in the next version of the popular Linux distribution.

As published in ebuddynews, Debian 9 Stretch, which is about to be released, will become the most advanced and stable version of distribution history. The latest iteration of the operating system will come with the latest GNU / Linux technologies and the latest open source applications.

In addition to the usual ones that most users will find in the repositories, there will be a few packages for forensic analysis that can not be found in Debian Jessie currently. In Prokop’s words:

“Repeating what I did in the last Debian releases with #newinwheezy and #newinjessie, it’s time to talk about #newinstretch. Debian Stretch, also known as Debian 9.0, will come with a series of packages for people interested in computer forensics.”

The new Debian tools 9

Among the new tools for forensic analysis that will come with the new version of Debian, we can mention the following :

• Bruteforce-salted-openssl, which allows you to find the passphrase in OpenSSL encrypted files.
• Cewl, which allows to generate list of personalized words.
• Dislocker, to read and write encrypted BitLocker volumes.
• Hasdeep and hashrat, which can be used to recursively compute hashum or piecewise hashings.
• Pompem, which allows exploits and vulnerabilities to be found.
• Rekall, to perform memory analysis.
• Unide.rb, to find processes hidden by rootkits.

All these tools are accompanied by dozens of libraries , which can be consulted in the Debian release . Otherwise, wait until Debian 9 Stretch is finally released in the coming weeks.