SKADI

<rant>
Not to attack just this, but more of "forensics distros" rant in general

I'd rather see some sort of bootable CD/DVD/USB distro that focus on collection and data recovery than some distro put together by some random person with too much free time that thinks that live forensics is the norm. Also, not just focusing on the Linux world with preinstalled tools that need to be started from the media.

ELK? Neo? Are you f-ing kidding me?

A distro that focus on acquisition to useable, portable fileformats with a wide, multiple selection for each category, i.e. to dump memory, capture network traffic, image disks and external devices (mobile phones, GPS, drones) would beat any such distros in a heartbeat because it, you know, focus on reality.
</rant>

Sounds like Paladin would be a good candidate based on your rant above. I have used it since 2012, and it is a great free tool.

The first post in this string seems more like an advert for SKADI than anything else.

Sounds like Paladin would be a good candidate based on your rant above. I have used it since 2012, and it is a great free tool.

A live forensic distribution executing malicious code from a suspect drive

A live forensic distribution writing to a suspect drive

&lt;rant&gt;
Not to attack just this, but more of "forensics distros" rant in general

I'd rather see some sort of bootable CD/DVD/USB distro that focus on collection and data recovery than some distro put together by some random person with too much free time that thinks that live forensics is the norm. Also, not just focusing on the Linux world with preinstalled tools that need to be started from the media.

ELK? Neo? Are you f-ing kidding me?

A distro that focus on acquisition to useable, portable fileformats with a wide, multiple selection for each category, i.e. to dump memory, capture network traffic, image disks and external devices (mobile phones, GPS, drones) would beat any such distros in a heartbeat because it, you know, focus on reality.
&lt;/rant&gt;

It's OK to rant… it's healthy. So I take it you don't like Skadi et al lol Yeah, I get what you are saying; just passing on what has been found… might be helpful to students or someone else..

Sounds like Paladin would be a good candidate based on your rant above. I have used it since 2012, and it is a great free tool.

The first post in this string seems more like an advert for SKADI than anything else.

Well, if that is an ad, yours is astroturfing 😯 .

Surely trewmte is only sharing a bit of information he has, nothing more, nothing less. )

But you can check here to see how masked advertising/astroturfing actually looks like wink
https://www.forensicfocus.com/c/aid=254/reviews/2018/forensic-falcon-neo-from-logicube/

@MDCR
Not particularly ranting IMHO, but you surely hit the nail right on the head. !

@thefuf
Thanks for the inside look in these matters, very interesting as always.

jaclaz

Surely trewmte is only sharing a bit of information he has, nothing more, nothing less. ) jaclaz

Yes, thanks jaclaz. Just sharing.

@thefuf Thank you for the information.

@jaclaz valid point. I will now eat my humble pie. )

@jaclaz valid point. I will now eat my humble pie. )

Naaah, no need to ) (unless of course you actually like it ? ).

Should you want to taste some of my own NSHP (Not So Humble Pie) wink you are welcome anytime.

jaclaz