Tsurugi is an heavily customized Linux distribution designed to support your DFIR investigations, malware analysis and OSINT (Open Source INTelligence) activities.
In this distribution are included the latest versions of the most famous tools you need to conduct an in-depth forensic or incident response investigation and several special features like device write blocking at kernel level, a dedicated Computer Vision analysis section, an OSINT profile switcher and much more that you can discover in our documentation!
The system is based on a 64 bits Ubuntu LTS (Long Time Support) and we preferred initially to use the "Ubuntu 16.04 LTS" version to have a stable system with more supported tools, but the upgrade to a new LTS version will be applied in the next release.
The patched kernel is based on 5.4.2 version that implements many new drivers and features. You can use Tsurugi Linux [LAB] in live mode but its main goal is to be installed and became your default forensics lab.