FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on KNOPPIX that contains a lot of tools suitable for computer forensic investigatins, including bash scripts.

FCCU GNU/Linux Forensic Boot CD's main purpose is to create images of devices prior to analysis, and it is used by the Belgian Federal Computer Crime Unit.

Here are some key features of "FCCU GNU Linux Forensic Boot CD":
· This CD is based on KNOPPIX by Klauss Knopper.
· It is a remaster that I made to use at my work as a computer forensic investigator.
· Its main purpose is to create images copies of devices before analyse.
· It does not use a lot of cpu cycles for unnecessary programs, that is why it drops you to a shell right after the boot.
· It recognizes lots of hardware (Thanks to Klauss Knopper).
· It leaves the target devices unaltered (It does not use the swap partitions found on the devices).
· It contains a lot of tools with forensic purpose.

What's New in This Release:
· This release adds a new set of tools that allow an investigator to capture the memory from another host trough the Firewire bus, even if the target host is an MS Windows box.
· A new tool to retrieve images from Thumbs.db (MS win thumbnails cache) was added.
· Rdd, a new forensic image acquisition tool, was added.
· A lot of other tools were added and upgraded.