Tsurugi is an heavily customized Linux distribution designed to support your DFIR investigations, malware analysis and open source intelligence activities.
In this distribution are included the latest versions of the most famous tools you need to conduct an in-depth forensic or incident response investigation and several useful features like device write blocking at kernel level, an OSINT profile switcher and much more!
The system is based on a 64 bits Ubuntu LTS (Long Time Support) and we preferred to use the 16.04 version to have a stable system with more supported tools, but an upgrade to 18.04 LTS version is still planned in the roadmap with also a dedicated repository.
The patched kernel is based on recent 4.18.5 version that implements many new drivers and features. You can use Tsurugi Linux [LAB] in live mode but its main goal is to be installed and became your default forensics lab.