January 6th, 2009

Helix v2.0 released

Helix is the definitive live CD distribution for computer forensics and incident response, and version 2.0 has recently been released. Here is the list of updated features. Among lots of new tools and tool upgrades, one big change is that it is now based on Ubuntu rather than Knoppix. Some other cool new tools that have been added to Helix are winlockpwn, which bypasses Windows authentication via FireWire; Volatility, for parsing processes, network information and many other things out of raw memory; and something else cool from metlstorm, bioskbsnarf, which parses the real-mode keyboard buffer out of the BIOS data area. It looks like a couple of the newer memory dumping utilities for Windows have also been added to the Windows live portion of the distro.

The only bad thing that I’ve noticed is that the static binaries (important for incident response) are no longer distributed directly on the CD, but at least they are still available for download. Maybe they (or someone else) will put together a DVD that includes these.

I was told a while before the release came out that it was no longer going to be free, so I’m pretty glad to see this release is public and still free. That being said, it’s a worthwhile project to contribute to, so I’d suggest buying a pressed CD to help them out. If not — happy downloading. :)


PS — And yes, it is v2.0 that has been released despite them calling the distribution “Helix 3” for some slightly confusing reason. :)

5 Responses to 'Helix v2.0 released'

  1. Helix V2.0 released - Hack a Day
    October 2nd, 2008 at 12:20 pm

    [...] [Via Midnight Research labs] [...]


  2. zacdee316
    October 2nd, 2008 at 12:38 pm

    hackaday brought a good point. why is this version 2 while the header above says 3?


  3. LovesFLSun
    October 2nd, 2008 at 8:07 pm

    Maybe it’s a tease??


  4. News for Geek » Blog Archive » Helix V2.0 released
    October 3rd, 2008 at 2:41 pm

    [...] Helix 2.0 has been released. Helix is a collection of various tools for electronic forensics. Just like on TV, you can use this to find all kinds of information on a computer. Some of the useful tools added were Winlockpwn, a tool for breaking Windows security, Volatility, which processes data out of the raw memory, and several other tools that are beyond our comprehension. You’ve undoubtedly noticed that the title says Helix V2.0, but the image and header of the Helix site say 3. We have no idea why. Look at the download info to see that it says V2.0. [Via Midnight Research labs] [...]


  5. Jeff’s Blog » Helix V2.0 released
    October 8th, 2008 at 11:33 am

    [...] [Via Midnight Research labs] [...]

