We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews. Many site elements are explained by tool tips if you hover your mouse over them. Enjoy!
Maltego is a forensics and data mining application. It is capable of querying various public data sources and graphically depicting the relationships between entities such as people, companies, web sites, and documents. Maltego is an open source intelligence too, but isn't open source software.
Read 1 review.
Latest release: version 3.0.3 on Jan. 17, 2011 (6 years ago).
Helix is a Ubuntu live CD customized for computer forensics. Helix has been designed very carefully to not touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics. Downloading of the live CD is only provided as a complement to membership in the e-fense members-only forum. An unsupported, older, no-cost version is available as well.
Review this tool.
Latest release: version 2009R3 on Dec. 23, 2009 (7 years ago).
The Sleuth Kit (previously known as TSK) is a collection of UNIX-based command line file and volume system forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. A graphical interface to the tools called Autopsy is available.
Read 2 reviews.
Latest release: version 4.0.1 on Nov. 13, 2012 (4 years, 2 months ago).
EnCase is a suite of computer forensics software, commonly used by law enforcement. Its wide use has made it a de-facto standard in forensics. It is made to collect data from a computer in a forensically sound manner (employing checksums to help detect tampering).
Read 2 reviews.
Latest release: version 7.10.05 on March 18, 2015 (1 year, 10 months ago).