WTE download for Linux

This is the Linux app named WTE whose latest release can be downloaded as WTE_VM_VirtualBox.exe. It can be run online in the free hosting provider OnWorks for workstations.

SCREENSHOTS

WTE

DESCRIPTION

* Files are compressed and ENCRYPTED so are identified as "Malware" by Sourceforge.

Criminal Investigators auxiliary in conducting investigations on computer systems.
WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice.
Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station.
WTE is provided on USB and CD, allowing users to perform a quick triage in a forensic manner booting from WTE Boot or on live systems and collecting digital evidence properly prepared to judicial authority submission.
WTE uses as core a modified WIN 7, WIN 8.1 or WIN 10 (WinPE) OS and integrates open source and free tools organized as modules assisted with some preset actions, searches and report.

Features

• WINDOWS TRIAGE ENVIRONMENT (WTE) - WHAT TO EXPECT - Distribution based on WinPE, provided on USB and CD, which allows investigators, in fulfillment of a judicial search warrant and/or when searching in computer systems, to perform a quick triage in a forensic manner booting from WTE Boot or on live systems (DeadBox or LiveBox) and collect digital evidence properly prepared to subsequent submission to the judicial authority.
• QUICK RESULTS OBTAINED SIMPLY USING AN USB PEN-DRIVE OR A BOOT CD - WTE was designed to be used by investigators, regardless their computer knowledge. Uses target’s hardware and the WTE USB Pen Drive or Boot CD it’s not required any other computer or heavy equipment. WTE doesn’t require any previous preparation, the operator simply have to know what to search for.
• EXTREMELY EASY USAGE AND MINIMUM TRAINING NECESSARY - Criminal investigators can easily scan and analyze target computers with only a couple of days of specific training;
• A SINGLE DEVICE TO TRIAGE WINDOWS, LINUX AND MACINTOSH - It is essential to the investigator, when out in the field, to have a simple tool that can search and extract digital evidence from multiple devices and from the most popular operating systems and file systems: Windows, Linux and Macintosh. WTE allows the criminal investigator to not be dependent on computer technicians;
• TRIAGE ON SHUT DOWN (DeadBox) AND LIVE SYSTEMS (LiveBox) - On Windows Systems valuable information will be lost when turning off the target system. When is important to capture that kind of information portable tools will assist the investigator in capturing all the volatile data, including memory of 32-bit and 64-bit Windows Operating Systems, and collecting other intelligence with minimum impact over the target system On shut down computers, booting from WTE USB Pen Drive or Boot CD the investigator will be capable to deeply search and analyze the target system using Administration privileges without the need of any login credentials.
• CHAIN OF EVIDENCE AND NO CHANGES IN TARGET SYSTEMS - When the computer is booted from the WTE USB PEN Drive or WTE Boot CD, there is no changes made to the target drives, it allows the digital signature of the collected evidence thereby ensuring the chain of evidence.
• POWERFUL SEARCH CAPABILITIES - Out in field the investigator will be able to perform extremely quick searches that can be more or less complexes as you evaluate the situation. The operator could search for file or folder name, images, videos, credit card numbers, email addresses, mail, documents, regular expressions, text inside documents. Searches can be narrowed on file properties (including dates, file size, etc).
• WINDOWS OS INTELLIGENCE COLLECTION - Besides the specific searches results, on Windows Systems, extensive system information will became immediately available, such as installation date, version, O.S. owner and key, last shutdown, users, network, viewed documents and multimedia files (sound and video) including historical Internet browsing, USB devices history …
• VIEW RESULTS DIRECTLY ON TARGET COMPUTER - Search results and collected intelligence can be viewed immediately on the target computer, making easier to analyze, organize data, and produce a quick report.
• A RATIONAL WAY TO EXTRACT AND COLLECT DIGITAL EVIDENCE - As the various search results can be viewed immediately on target computer the investigator is provided with the ability to easy and quickly select critical intelligence and rate evidence to extract. This facility provides the investigator with the capability to evaluate a possible arrest and quickly decide about equipment seizure for a more detailed analysis at the forensic lab. As experienced in field this way is by far most quick and accurate than others used by similar tools trying to process all the information automatically. In most cases it will take no more than 5 to 10 minutes to collect sufficient intelligence or evidence to assist the investigator deciding the next step to take with the target equipment and the suspect.
• INVESTIGATOR TRAINING - Investigators training carry no other cost for Law Enforcement then trainers accommodations and a proper room equipped with minimal resources;

This is an application that can also be fetched from https://sourceforge.net/projects/wte/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.