# sleuthkit : Brian Carrier's replacement to TCT. # autopsy : Web front-end to sleuthkit. # mac-robber : TCT's graverobber written in C. # fenris : debugging, tracing, decompiling. # wipe : Secure file deletion. # MAC_Grab : e-fense MAC time utility. # GRAB : e-fense Forensic Acquisition Utility. # foremost : Carve files based on header and footer. # fatback : Analyze and recover deleted FAT files. # md5deep : Recursive md5sum with db lookups. # sha15deep : Recursive sha1sum with db lookups. # dcfldd : dd replacement from the DCFL. # sdd : Specialized dd w/better preformance. # PyFLAG : Forensic and Log Analysis GUI. # Faust : Analyze elf binaries and bash scripts. # e2recover : Recover deleted files in ext2 file systems. # Pasco : Forensic tool for Internet Explorer Analysis. # Galleta : Cookie analyzer for Internet Explorer. # Rifiuti : "Recycle BIN" analyzer. # Bmap : Detect & Recover data in used slackspace. # Ftimes : A toolset for forensic data acquisition. # chkrootkit : Look for rootkits. # rkhunter : Rootkit hunter. # ChaosReader : Trace tcpdump files and extract data. # lshw : Hardware Lister. # logsh : Log your terminal session (Borrowed from FIRE). # ClamAV : ClamAV Anti Virus Scanner. # F-Prot : F-Prot Anti Virus Scanner. # 2 Hash : MD5 & SHA1 parallel hashing. # glimpse : Indexing and query system. # Outguess : Stego detection suite. # Stegdetect : Stego detection suite. # Regviewer : Windows Registry viewer. # Chntpw : Change Windows passwords. # Grepmail : Grep through mailboxes. # logfinder : EFF logfinder utility. # linen : EnCase Image Acquisition Tool. # Retriever : Find pics/movies/docs/web-mail.