Learn about the DEFT operating system

DEFT is a Lubuntu-based Linux distribution (Lubuntu is again developed from Ubuntu Desktop), installed with the best free and open source applications for incident response, cyber intelligence (tracking, distribution). analyze and combat digital security threats), computer forensics. DEFT is designed for military use, law enforcement, private security experts and IT auditors.

Overview of DEFT

DEFT is one of the top 10 operating systems for security research used by hackers that TipsMake.com introduced to readers.

A distribution of this kind cannot be evaluated in the usual way, so the best thing I can do is to provide a screenshot showing the tools loaded on it. Like the 'parent' distribution, DEFT comes in the form of a Live ISO installation image, weighing about 2.4GB. The screenshot below shows the boot menu.

Desktop default.

If you have any doubt about the origin of DEFT, this is proof.

One more proof.

This screenshot shows a list of analysis tools .

Anti-malware tool ( Antimalware tools ).

Data carving tools ( Carving tools - tools to recover files based on titles, subtitles and internal data structures).

Hashing tools .

Image-related tools ( Imaging tools )

Mobile forensics tools ( Mobile forensics ).

Network forensics tools ( Network forensics ).

Open-Source INTelligence ( OSINT tools ) tools

Password recovery tool.

Reporting tools .

Besides security tools, DEFT also comes with a complete set of desktop productivity applications, including LibreOffice, Firefox 11, Chromium 18, Wine (to run Windows applications) and other applications available on The default installation of Lubuntu. Chromium comes with DEFT customized with a number of plugins and resources to perform operations related to Open Source Intelligence.

The latest release of DEFT is DEFT 7.1. If you want to try it out, you can download the LiveDVD installation image and visit the project homepage at:

 http://na.mirror.garr.it/mirrors/deft/ 

DEFT Zero

DEFT Linux forensic operating system developers have announced the availability to download a new version called DEFT Zero (version 2017.1) and based on Lubuntu 14.04.02 LTS.

DEFT Zero (2017.1) appears to be a lightweight version of DEFT Linux, specifically designed to help law enforcement agencies catch criminals, by providing the software tools needed to gather evidence. digital.

"DEFT Zero is designed to be a lightweight version of DEFT focusing on copies of digital evidence, such as hard drives, USB devices and network shares (network sharing) ', following the PDF instructions created by DEFT developers dedicated to this version.

To maintain this goal, DEFT Zero supports NVM Express (NVMe) and eMMC memory, such as the 2015 MacBook versions, as well as UEFI (Unified Extensible Firmware Interface).

DEFT Zero needs about 400MB of RAM to boot. Another interesting feature of the DEFT Zero version (2017.1) is that it can boot on very old computers, only about 400MB of RAM (system memory). However, you can also use it on modern 64-bit computers, including those that enable the Secure Boot feature.

Live ISO image is available for download here. There are three boot options, including the ability to copy content to RAM and use the distribution in Live mode directly from the computer's system memory, eliminating bootable media.

DEFT Zero also provides users with support for mounting the device in read / write and read only mode, just like the full version of DEFT Linux. In-depth details on how you can mount devices using the GUI or via the command line are found in the PDF manual. Reference at:

 https://paper.bobylive.com/System/EN-deft7.pdf 

As mentioned earlier, DEFT Zero (2017.1) is based on Lubuntu 14.04.2 LTS (Trusty Tahr), which means it uses a lightweight LXDE desktop environment. Updates will be provided as long as Lubuntu 14.04 LTS is still supported.