Call for tools..that people ACTUALLY use

[mmkhan]

SpinRite
http://grc.com/spinrite.htm

Restoration
http://www3.telus.net/mikebike/RESTORATION.html

R-Studio
http://www.data-recovery-software.net/

These tools work (Data Recovery) fine for me. Especially SpinRite due to its advanced features and very small size.

[cgkanchi]

I've used most of the tools hog listed at one time or the other, though not for any forensics work. I especially like filealyzer because it does the work of the UNIX file and string commands together.
But I've never heard of a Windows port for dd. Hog, got a link?

Cheers,
cgkanchi

[nihil]

OK Hog~ here are a couple,

1. http://www.roadkil.net/

This site has quite a few free tools, so is worth a browse. The one I like from a forensics/recovery viewpoint is the "Unstoppable Copier". It will recover data from DAMAGED media, which a lot of recovery tools will not. Works on HDDs, DVD, CD, Floppy etc..........

2. http://www.handyrecovery.com

"Handy Recovery" works with Win95 through XP. FAT12/16/32/NTFS/NTFS5. Will also recover files deleted by virus attacks and software faults.

Cheers

[kr5kernel]

Testing a network? Vulnerabilities? Penetration?

Knoppix STD

http://www.knoppix-std.org/

[hogfly]

cgkanchi: it's from unxutils. unxutils.sf.net

[HTRegz]

Hey Hey,

I'm prolly blind but I haven't seen it mentioned here tonight.. I had to use it for Data Recovery at work... and it can be handy from recovery from damaged Floppies and CDs... I've yet to see it fail and I've had some badly damaged stuff... however I've never had any purposely damaged disks....

Anyways.. it's called Bad Copy Pro... It will grab stuff from corrupted media... it was find deleted files... and it recovers them rather quickly... Even if windows doesn't think the disk is formatted.. It will recover whatever is one it... .

Anyways here's the link -- http://www.jufsoft.com/badcopy/

Peace,
HT

[Network Enforce]

I don't know how powerful this companies software is compared to Encase and FTK, but I have used them from time to time and have had positive results.

http://www.runtime.org

They have an assortment of software for data recovery and forensics.

Network Enforcer

[Spyrus]

I don't use a lot of odds and ends utilities as much as i used to but when i did they were

dameware
treesizepro (displays all folder sizes, hidden included, and what is in them) <- Great for hunting down things that dont belong
ipscan.exe pings everything in an ip range quickly to see what ips are active
killdisk low level format program



If your pc cant connect to the internet for some wierd reason I LOVE this util
WinSock Fix
That will rebuild the tcp/ip stack

SPYWARE
Spybot
Adaware
Hijack This
Aboutbuster

[|gridley|]

Im surpised noone mentioned The Sleuth Kit yet.

The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system and media management forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown.

http://www.sleuthkit.org/sleuthkit/desc.php

[hogfly]

|gridley| heh, I was waiting to post that while I compiled my list of forensics tools.