I’m a big fan of malware analysis and we’ve discussed REMnux before, which focuses in this area, however a related distro called SIFT Workstation has been around for a few years too. Although more focused on reverse engineering, SIFT contains loads of useful tools for malware analysis as well. Recently SANS reached a major milestone for SIFT, releasing version 3.0 of this popular distro. Some of the new features include better memory utilization, auto-DFIR package update and customizations, and updated forensic tools. Have fun!
SANS Institute today announced it will debut a new version of its popular digital forensic examination toolkit, SIFT Workstation, at the upcoming SANS Digital Forensics and Incident Response Training Event (DFIRCON — pronounced d?-‘f?r-‘k?n) in Monterey, CA, March 5 – 10. SIFT 3.0 is a complete rebuild of the previous SIFT version and features the latest digital forensic tools available today.
Offered free of charge, the SIFT 3.0 Workstation will debut during SANS’ Advanced Computer Forensic Analysis and Incident Response course (FOR508) at DFIRCON. SIFT 3.0 demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
“Even if SIFT were to cost tens of thousands of dollars, it would still be a very competitive product,” says, Alan Paller, director of research at SANS. “At no cost, there is no reason it should not be part of the portfolio in every organization that has skilled forensics analysts.”
Today’s post pic is from Spy-Soft.net.