What is SIFT? SANS Investigative Forensic Toolkit
SIFT is an open source toolkit aimed at security auditors, but it is available to anybody who wants to use it. It is hosted online on GitHub.
The project is based on Debian and contains a group of packages, scripts, plugins, and some licenses that complete the project.
Operating System : Ubuntu 14.04
Let's use one of the most stable and secure distros available today. You can install this toolkit on many versions of Ubuntu (with different methods), but let's see how to install it on version 14.04.
Normally you would use the distro's repositories: most distributions today have many packages ready to install with the command that matches the distribution family [yum / apt-get]. Here, however, we are going to use another command and install the toolkit directly from the project hosted on GitHub.
– Update the whole distro so that all packages are on their latest release.
securitytweak@root:~$ sudo apt-get update && sudo apt-get upgrade
– Download and install the toolkit using the following command.
securitytweak@root:~$ wget --quiet -O - https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh | sudo bash -s -- -i -s -y
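The one-line install above runs whatever the URL returns as root without anyone seeing it first. As an added example (not from the original post or the SIFT project), the same install can be done in two steps: save the script, check it against a SHA-256 digest you recorded after reviewing a copy yourself, and only then run it. The function names and the digest argument are assumptions; the page gives no published checksum.

```shell
#!/bin/sh
# Added example: fetch the installer to disk, verify it, then run it,
# instead of piping it straight into a root shell.

BOOTSTRAP_URL="https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh"

# sha256_of FILE -> prints the lowercase hex SHA-256 of FILE
sha256_of() {
    sha256sum "$1" | awk '{print $1}'
}

# verify_script FILE EXPECTED_SHA256 (hypothetical helper)
# Succeeds only if FILE is non-empty, starts with a shebang (an HTML
# error page saved by a failed download does not) and matches the digest.
verify_script() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -s "$file" ] || { echo "empty or missing: $file" >&2; return 1; }
    head -c 2 "$file" | grep -q '^#!' || { echo "not a script: $file" >&2; return 1; }
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ] || {
        echo "digest mismatch: got $actual" >&2
        return 1
    }
}

# install_sift EXPECTED_SHA256 (hypothetical helper)
# EXPECTED_SHA256 is the digest of the copy you reviewed; it is an
# assumption of this example, not a value published on the page.
install_sift() {
    tmp=$(mktemp) || return 1
    wget --quiet -O "$tmp" "$BOOTSTRAP_URL" || { rm -f "$tmp"; return 1; }
    if verify_script "$tmp" "$1"; then
        # Same arguments as the one-liner, passed to the saved file.
        sudo bash "$tmp" -i -s -y
        rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return $rc
}
```

Call it as `install_sift <digest-of-the-reviewed-script>`; a mismatch means the script changed since you reviewed it and should be read again before it is run.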
For more information, please check the following video on YouTube.
Name: how to install SANS Forensics Toolkit “SIFT” on ubuntu 14.04 [updated]