In addition to standard unix/linux tools, the following extra tools have been included in the Masterkey Linux distribution:

Air 1.2.8: AIR is a GUI front-end to dd/dcfldd designed for easily creating forensic bit images.

Autopsy 2.21: The Autopsy Forensic Browser is a graphical interface to the command line digital investigation tools in The Sleuth Kit.

ClamAV for Unix 0.91.2: Clam AntiVirus is an anti-virus toolkit for UNIX.

chkrootkit 0.47: chkrootkit is a tool to locally check for signs of a rootkit.

chntpw 070923: chntpw is an Offline password and Registry Editor.

dcfldd 1.3.4-1: dcfldd is an enhanced version of GNU dd (also included in this distribution) with features useful for forensics and security.

dd_rescue 1.14: dd_rescue copies data from one file or block device to another. It is intended for error recovery.

GParted 0.3.3: GParted is the Gnome Partition Editor application.

Foremost 1.5: Foremost is a console program to recover files based on their headers, footers, and internal data structures. It is a data carving tool.

mac-robber 1.00: mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system.

md5deep 1.12: md5deep is a cross-platform set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files.

memdump 1.01: Memory dumper for UNIX-like systems.

Rootkit Hunter 1.3.0: Rootkit Hunter is a rootkit scanner.

Scalpel 1.60: Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files.

The Sleuth Kit 3.01: The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file and volume system forensic analysis tools.

Stegdetect 0.6-4: Stegdetect is an automated tool for detecting steganographic content in images.

Wipe 2005-05-09: Wipe is a file and block device wiping utility.

Wireshark 0.99.6: Wireshark is a network protocol analyzer.