Bootable Forensics - snarl



snarl is a bootable forensics ISO based on FreeBSD and using @stake's autopsy and task as well as scmoo's list of known good checksums. Once you boot the iso just log in as root there is no password. You will boot into a dialog driven menu. select the first option and choose the checksum set for the OS you are auditing. this will convert the schmoo checksum database into a format that autopsy understands. Then select the second option. this will configure and start autopsy. Then select the third option and links will be launched browsing the autopsy page. You can also select exit and use the large collection of security related ports.