Forensic Acquisition Utilities :: A collection of Windows tools such as 'dd.exe', 'md5sum.exe', 'wipe.exe', and 'nc.exe'. The version of 'dd' in this package can also image memory contents in addition to disks.

FTimes :: is a system baselining and evidence collection tool. The primary purpose of ftimes is to gather and/or develop information about specified directories and files in a manner conducive to intrusion analysis.

Live View :: is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk. This allows the forensic examiner to "boot up" the image or disk and gain an interactive, user-level perspective of the environment, all without modifying the underlying image or disk. Because

Netcat ::  has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It can be used on a trusted server to save data from a suspect system and can be used on the suspect system to send the output of tools to the server instead of writing to the suspect disk.

pdd (Palm dd) is a Windows-based tool for memory imaging and forensic acquisition of data from the Palm OS family of PDAs. pdd will preserve the crime scene by obtaining a bit-for-bit image or "snapshot" of the Palm device's memory contents. Such data can be used by forensic investigators, incident response teams, and criminal and civil prosecutors.

TULP2G is a forensic software framework developed to make it easy to extract and decode data from digital devices. Besides the framework, it is distributed along with several plug-ins to read data from digital devices (at this point, mobile phones and SIM cards).