DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
Cleversafe is a storage software solution that offers extremely high reliability and security. Cleversafe uses fast information dispersal algorithms to store small slices of data in multiple, disparate locations. Each slice is individually unusable, yet any majority of the slices can perfectly recreate all of the original data. A large dispersed storage grid with 11 or more storage locations can remain fully operational even if up to any 5 of the storage nodes are not operational.
GrokEVT is a collection of scripts built for reading Windows® NT/2K/XP/2K3 event log files. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though it is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives.
Grml is a live system (live CD) based on Debian. It includes a collection of GNU/Linux software especially for system administrators and users of texttools. It provides automatic hardware detection and its default shell is the zsh. You can use it e.g. as a rescue system, for analyzing systems/networks, or as a working environment. It is not necessary to install anything to a hard disk; you don't even need a hard disk to run it. Due to on-the-fly decompression, it includes more than 2 GB of software and documentation on the CD.
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
SafeClean quickly removes Internet history files, caches, bookmarks, email, and conversation logs that can allow others to find out what you have been doing on the Internet, possibly revealing personal and potentially compromising information. It allows you to permanently destroy information about your Web browsing activities, private email messages, and even information on your use of Instant Messenger programs. It is easy to use, and provides a one-click method to protect your Internet privacy. For power users, SafeClean is completely configurable so that you can decide which types of information or which Internet applications you wish to clean for privacy purposes.