Tuesday, 9 April 2013

Creating your own USB thumb drive switchblade

Everybody wants to have their favorite tools with them at all times. Somebody will ask you to fix something or take a look at something, and you wanna be a good boy scout and "be prepared", so... enter YUMI.

"YUMI (Your Universal Multiboot Installer), is the successor to MultibootISOs. It can be used to create a Multiboot USB Flash Drive containing multiple operating systems, antivirus utilities, disc cloning, diagnostic tools, and more." - go get it

Making the whole thing is kinda intuitive, so I am just going to list my preferred options here.

  1. You always need a good AV
    AVG Rescue CD
  2. Kali Linux (I feel naked without it :P)
    Kali 1.0.3
  3. DBAN (you never know when you might need to go kaboom!! plus the other distros don't have an up-to-date version of DBAN)
    dban-2.2.7
  4. Hiren's BootCD is always nice to have
    http://www.hiren.info/pages/bootcd
  5. Ultimate Boot CD (another great collection of utils)
    ubcd521.iso
  6. Windows 7 PE release
    more details here
  7. Kon-boot 2.1 (it doesn't always work but... come on.. 20$)
    for 20 bucks who can argue
  8. BitDefender Rescue CD
    bitdefender-rescue-cd.iso
  9. My toolbox folder with some portable or non-portable utilities
    Caine-4.0/
    Deft-7.1/
    etoolz-4.0/
    File_Scavenger/
    PortableApps/
    SysinternalsSuite/

Caine 4.0 was the only ISO that was being a pain, so the easier conclusion: if you want to conduct an investigation, yes, install Caine 4.0 on a VM or workstation, but if you want to retrieve files from a live system, all you need is:

FtkImager/
NirLauncher.cfg
NirLauncher.exe
NirSoft/
piriform/
sysinternals/
utilities/

If you need to take advantage of the live Linux interface to capture evidence, go ahead and use Kali; you will find that she has all you need for that :)

Deft is also a very good distro that provides similar tools. For this one, download the ISO and copy the following files/dirs:

dart/
dart.exe
dart.ico

eToolz includes some of the most important network tools like NS-Lookup, Ping, TraceRoute and Whois.

File Scavenger is a data recovery utility that supports multiple file-system types: NTFS, FAT 32/16/12, Ext3, Ext4, XFS, HFS+, HFSX, UFS1 and UFS2.
You can download the utility and run it from the USB stick with no issues.


The portable apps directory has some extra apps that might be useful:

EraserPortable/
EvincePortable/
GIMPPortable/
LibreOfficePortable/
PuTTYPortable/
TrueCrypt/
WinSCPPortable/
WiresharkPortable/

SysinternalsSuite is always useful too.

That's enough, I would say.. :)
