Welcome to the mirror for Tsurugi Linux

Tsurugi Linux

Tsurugi is an heavily customized Linux distribution designed to support your DFIR investigations, malware analysis and open source intelligence activities.

In this distribution are included the latest versions of the most famous tools you need to conduct an in-depth forensic or incident response investigation and several useful features like device write blocking at kernel level, an OSINT profile switcher and much more!

The system is based on a 64 bits Ubuntu LTS (Long Time Support) and we preferred to use the 16.04 version to have a stable system with more supported tools, but an upgrade to 18.04 LTS version is still planned in the roadmap for next year with also a dedicated repository.

The patched kernel is based on recent 4.18.5 version that implements many new drivers and features. You can use Tsurugi Linux [LAB] in live mode but its main goal is to be installed and became your default forensics lab.

Tsurugi Acquire

Tsurugi Acquire is a lightweight and streamlined version of Tsurugi Linux [LAB], aimed at providing the basic tools needed to boot a PC and acquire mass storage devices.

A small subset of tools is installed to make the whole ISO smaller and its main purpose is to be fast at boot, to easily reside in RAM and to support as many architectures as possible.

This Linux distribution it's based on Ubuntu 16.04 LTS with a patched kernel 4.18.5 as well as Tsurugi Linux main distro but the kernel it's 32 bit to grant more compatibility and easily run on oldest devices.

A screen resolution detection system is present, to automatically adapt the size of icons and menus in Retina and 4K screens.

What’s more, it's possible to put the whole image to fit in RAM, letting the user remove the pendrive/DVDROM after boot and use the system at high speed, sparing one USB port or the optical reader/writer.

Bento

Bento is a portable toolkit designed for live forensics and incident response activities.

Featuring over 300 portable applications, Bento suite offers the best support in order to carry out digital forensics investigations and incident response activities on Windows, Linux and macOS operating systems for acquisition purposes, identification, survey and documentation.

In order to facilitate the work of first responders and supervisors, Bento includes automated tools useful to standardize and simplify digital evidence findings on under investigation systems.

Click here to go to their official website.

All donations go towards the expansion project of Linux Freedom