DEFT 7 – A Linux distro for forensics and more!

We stumbled across this distribution the other day while building a forensic workstation for the lab. SIFT just didn’t perform the way we wanted and DEFT seems to be rock solid out of the box with version 7 of their distro.

Check them out at

They have a draft version of their English manual as well. This distro is based on the 3.0 kernel and is snappy as heck even on somewhat older hardware. Outstanding work, guys!

2 responses to “DEFT 7 – A Linux distro for forensics and more!”

  1. cyb3rdaw6 says:

    Could you elaborate on the differences you found between SIFT and DEFT, and be more specific about why SIFT was not performing up to your expectations? I'm not a proponent of either, but would like to hear the results of your tests.

    • Chris says:

      DEFT is built for lighter hardware, but doesn’t feel like it. SIFT does come with a somewhat more integrated experience for people new to forensics, but I’ve tried it on a few different systems and no matter how I tweak it, things still feel a little choppy/buggy, which is more to do with the version of Ubuntu it’s built on than anything.

