The source code of Bitscout, a compact and customizable tool for remote digital forensics operations, has been published on GitHub by Vitaly Kamluk, a Kaspersky Lab researcher.
The project began as a hobby. The first variant required full trust in the remote user, who was given root access to the live system.
Vitaly Kamluk said:
“My Bitscout project started years ago as a hobby. I had been playing with the creation and customisation of LiveCDs. Some time afterwards, when we needed to find traces of a certain attacker on a compromised PC in an African country, I thought I could help. I built a simple and minimal LiveCD on Linux, with a preconfigured VPN client and SSH server, and shared it with the system owner over the Internet.”
Bitscout includes a minimal collection of packages, libraries and tools needed to start the system and to give the expert immediate access to the most popular forensic tools.
The project was developed separately from Kaspersky Lab’s product line and is outside the scope of the company’s business operations. Bitscout is not limited to particular users and might be useful to researchers, high-tech crime units of law enforcement and educational institutions.