Documentation Tsurugi Linux [LAB]

The main idea behind the Tsurugi Linux project is simplicity, even though the topics it covers can be really complex. The customized menus are structured in the "ideal investigation order", with all the tools grouped by category.

Each tool has been classified by its main features, so a tool with several features may appear in more than one category. This means that it is possible to find the right tool just by going through the menu according to your own needs.

The main categories are listed below:

Imaging
Hash
Mount
Timeline
Artifacts Analysis
Data Recovery
Memory Forensics
Malware Analysis
Password Recovery
Network Analysis
Picture Analysis
Mobile Forensics
OSINT
Cloud Analysis
Virtual Forensics
Crypto Currency
Other Tools
Reporting

 

All virtualization tests have been done using VirtualBox 6.1 and VMware software, but Tsurugi Linux should also be compatible with other virtualization systems. An official virtual machine (in OVA format) is available in our download section.

As a first step, you just need to start the system and install the guest addition tools for better performance and usability:
On VirtualBox, we suggest downloading them from the official site and NOT from the repository
On VMware, we suggest installing 'open-vm-tools' from the repository
If needed, we suggest adjusting the hardware settings only after these steps, because with some Windows systems and VMware it could crash

Another important point is that on VMware, after the OVA import, an error message may be shown simply because the virtual guest addition tools are missing, so you can ignore it
The default password is "tsurugi"

 

Regarding accessibility, several features are available by default:

On screen keyboard
Screen magnifier
Screen reader
Mouse keys switch
High contrast graphical templates

“TSURUGI Linux - the sharpest weapon in your DFIR arsenal”