PhotoRec is file data recovery software designed to recover lost files including video, documents and archives from Hard Disks and CDRom and lost pictures (thus, its ‘Photo Recovery’ name) from digital camera memory. PhotoRec ignores the filesystem and goes after the underlying data, so it will still work even if your media’s filesystem has been severely damaged or re-formatted.

PhotoRec is free, this open source multi-platform application is distributed under GNU Public License. PhotoRec is a companion program to TestDisk, an app for recovering lost partitions on a wide variety of filesystems and making non-bootable disks bootable again.

http://www.cgsecurity.org/wiki/PhotoRec

Partedmagic

Parted Magic is a Linux LiveCD/USB/PXE with its elemental purpose being to partition hard drives and is not designed to be a “Rescue CD” nor is it based on another Distribution.

Optimized at approximately 45MB, the Parted Magic OS employs core programs of GParted and Parted to handle partitioning tasks with ease, while featuring other useful programs (e.g. Partition Image, TestDisk, fdisk, sfdisk, dd, ddrescue, etc.) and an excellent set of documentation to benefit the user. An extensive collection of fileystem tools are also included, as Parted Magic supports the following: ext2, ext3, ext4, fat16, fat32, hfs, hfs+, jfs, linux-swap, ntfs, reiserfs, reiser4, and xfs.

The latest version is updated with: Linux 2.6.24.3, Parted 1.8.8, ntfsprogs-2.0.0, ntfs-3g-1.2506, and GParted-0.3.7.

Parted Magic uses Busybox for basic Unix commands and networking, the Dropbear SSH server and client, and Firefox to surf the web.

The current Xserver is xorg-server-1.4.0.90 with the following drivers: apm, ark, ati, chips, cirrus, cyrix, glint, i128, i740, i810, mga, neomagic, nv, r128, riva128, radeon, rendition, s3, s3virge, savage, siliconmotion, sis, tdfx, tga, trident, tseng, vesa, vmware, and voodoo.

The mini Xserver, Xvesa, is also available.

TestDisk

TestDisk is a powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software, certain types of viruses or human error (such as accidentally deleting a Partition Table). Partition table recovery using TestDisk is really easy.

Foremost

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery.

Scalpel

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is filesystem-independent and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery. Scalpel resulted from a complete rewrite of foremost 0.69, a popular open source file carver, to enhance performance and decrease memory usage.

The Sleuth Kit

The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file and volume system forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown.

The volume system (media management) tools allow you to examine the layout of disks and other media. The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with file system analysis tools.

When performing a complete analysis of a system, we all know that command line tools can become tedious. The Autopsy Forensic Browser is a graphical interface to the tools in The Sleuth Kit, which allows you to more easily conduct an investigation. Autopsy provides case management, image integrity, keyword searching, and other automated operations.

PartitionSupport.com

Provides a host of functions for recovering data from damaged file systems of all kinds http://www.partitionsupport.com/utilities.htm

Analyzing malicious websites?

Check out Malzilla

Analyzing malicious websites online ?

Check out Wepawet

Interested in tracking Zeus/Zbot ?

Check out ZeusTracker

BLock All Drive-by download Exploits ?

Check out a new project BLADE

http://ttyrpld.sourceforge.net/desc.php