Documentation BENTO toolkit
Bento is a portable DFIR toolkit designed for live forensics and incident response investigations.
Made to support CSI during search and seizure activities Bento DFIR toolkit provides to first responders a complete and easy way to face the most common activities like identification, information gathering, acquisition, seizure and preservation of digital evidences.
Bento isn't intended for forensic analysis other than the strictly necessary investigations in live mode and for triaging.
Beware, some investigation tools could be detected as harmful by some AntiVirus systems.
Bento works mainly on Windows operating systems but there are a lot of tools also for Linux and macOS.
Due to several licence limitations, we can't redistribute within Bento some free softwares so end users may eventually integrate it following simple step by step procedure available inside Bento archive.
To update and add new tools is really easy because all has been still configured within SyMenu so, on a Microsoft Windows machine, it's possible to select the “Get new apps” option and make your own choices using the intuitive graphical interface.