In addition to standard unix/linux tools, the following extra tools have been included in the Masterkey Linux distribution:
AIR is a GUI front-end to dd/dcfldd designed for easily creating forensic bit images.
The Autopsy Forensic Browser is a graphical interface to the command line digital investigation tools in The Sleuth Kit.
ClamAV for Unix 0.91.2
Clam AntiVirus is an anti-virus toolkit for UNIX
chkrootkit is a tool to locally check for signs of a rootkit.
chntpw is an Offline password and Registry Editor
dcfldd is an enhanced version of GNU dd (also included in this distribution) with features useful for forensics and security
dd_rescue copies data from one file or block device to another. It is intended for error recovery.
GParted is the Gnome Partition Editor application
Foremost is a console program to recover files based on their headers, footers, and internal data structures. It is a data carving tool.
mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system.
md5deep is a cross-platform set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files.
memory dumper for UNIX-like systems
Rootkit Hunter 1.3.0
Rootkit Hunter is a rootkit scanner.
Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files.
The Sleuth Kit 3.01
The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file and volume system forensic analysis tools.
Stegdetect is an automated tool for detecting steganographic content in images.
Wipe is a file and block device wiping utility.
Wireshark is a network protocol analyzer.