CSI Linux is designed specifically for forensics and cyber investigations. It removes the hassle of installing and configuring separate software packages by shipping with many pre-installed tools for analysis and security prevention.
Kali NetHunter is perhaps the most popular Linux-based penetration testing platform, based on the Debian-derived Linux distribution designed for digital forensics. Its most notable feature is support for over 50 new mobile devices, and it is fully capable of running on Android 4.4 (KitKat) up to the latest version on all supported devices.
These software tools play a significant role in the cyber investigation process. With the rise in cybercrime, organizations and government agencies have become directly involved in setting up cyber investigation labs to tackle crime on the Internet.
The key open source tools available for CSI Linux include: Catfish Search, Recon-ng, FBI (Facebook Information), Autopsy GUI, KeePassXC, Nmap, Maltego, Twitter feed pull, OSINTFramework, OSINT-Search, Wireshark, theHarvester and Sherlock.
How Can CSI Linux Help with Cyber Investigations?
CSI Linux comes in three separate platforms, namely Analyst, Gateway, and SIEM. The Analyst edition contains tools for investigation, analysis, and cyber report generation, and also allows users to generate a complete report on a suspect by gathering all social footprints using tools like Maltego and RecordMyDesktop.
The CSI Linux Gateway, on the other hand, routes all Analyst traffic through the Tor network to provide safety and anonymity over the Internet. The last on the list, the SIEM edition, is for incident response and intrusion detection.
As a multi-purpose operating system designed for cyber investigators, CSI Linux is useful for online investigations, including social media accounts, website information, and open-source intelligence (OSINT).
CSI Linux also helps with incident response, such as intrusion detection/prevention and malware analysis.
Getting Started with CSI Linux
The minimum requirement for CSI Linux installation is 50GB of free space for running the virtual machine images and 20GB to download the installer, with at least 8GB RAM.
However, CSI Linux can't be downloaded for standalone installation, as it's only available for VirtualBox. So you'll need to install VirtualBox and the VirtualBox Extensions to get started with CSI Linux.
CSI Linux Investigator comes as a single OVA file comprising the three editions of the virtual machine, namely CSI Linux Analyst, Gateway and SIEM. For all available tools for CSI Linux, see the full Tools List.