Encryption Tools


MD5:

In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files.


SHA:

SHA is a simple program that hashes files. It uses the National Institute of Standards and Technology's Secure Hash Algorithm. It can use SHA-1, SHA-256, SHA-384, or SHA-512, which generate hashes of 160, 256, 384, or 512 bits, respectively. sha can be used in scripts to do, for example, file integrity checking. The C implementations of the algorithms might be useful in other projects as well.


RSA:

In cryptography, RSA is an algorithm for public-key cryptography. It was the first algorithm known to be suitable for signing as well as encryption, and one of the first great advances in public key cryptography. RSA is widely used in electronic commerce protocols, and is believed to be secure given sufficiently long keys and the use of up-to-date implementations.


John the Ripper:

John the Ripper is free and Open Source software, distributed primarily in source code form.


Cain and Abel

Cain and Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.


Password Recovery Toolkit:

Password Recovery Toolkit gives you the ability to recover passwords from well-known applications. PRTK is perfect for law enforcement and corporate security professionals.

Rainbow Tables:

Rainbow tables are pre-computed, brute-force attacks. In cryptography, a brute-force attack is an attempt to recover a cryptographic key or password by trying every possible combination until the correct one is found.


Imaging Tools


X-Ways:

X-Ways Forensics is an advanced work environment for computer forensic examiners and our flagship product. It runs under Windows 2000/XP/2003/Vista/2008. It is based on the WinHex hex and disk editor and part of an efficient workflow model where computer forensic examiners share data and collaborate with investigators that use X-Ways Investigator.


AccessData:

FTK Imager is a data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with AccessData Forensic Toolkit® (FTK) is warranted. FTK Imager can also create perfect copies (forensic images) of computer data without making changes to the original evidence.


e-fense:

Helix is a Forensic tool brought to us from E-Fense. Helix has been modified very carefully to NOT touch the host computer in any way and it is forensically sound. Helix also has a special Windows autorun side for Incident Response and Forensics. Helix focuses on Incident Response & Forensics tools. It is meant to be used by individuals who have a sound understanding of Incident Response and Forensic techniques.


Registries and Event Logger


Log Parser:

Log Parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows® operating system such as the Event Log, the Registry, the file system, and Active Directory®. You tell Log Parser what information you need and how you want it processed. The results of your query can be custom-formatted in text-based output, or they can be persisted to more specialty targets like SQL, SYSLOG, or a chart.


WinHex Editors:

WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards.


Registry Viewer:

AccessData Registry Viewer allows you to view the contents of Windows operating system registries. Unlike the Windows Registry Editor, which displays only the current system’s registry, Registry Viewer lets you view registry files from any system. Registry Viewer also provides access to a registry’s protected storage, which contains passwords, usernames, and other information not accessible in Windows Registry Editor.


Log Buddy 2.0:

LogBuddy for Palm Desktop is a desktop application running on Windows operating system. It contains complete information about the Palm HotSync log. The HotSync log is displayed in the tree structure which makes the log much easier to read than before.


Network Based Software Tools


Distributed Network Attack:

Distributed Network Attack (a.k.a. DNA) is a new approach to recovering password protected files. In the past, recoveries have been limited to the processing power of one machine. DNA uses the power of machines across the network or across the world to decrypt passwords.


IRS

IRS is a software application that acts like a "valid source IP address" scanner for a given service, not like a port scanner as many would think. Many servers and network devices like routers and switches provide features like ACLs, IP Filters, Firewall rules and so on to give access to their Services only to particular network addresses (usually Administrator's workstations).


Nmap:

Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.


Wireshark:

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.


sTerm:

sTerm is a Telnet client with a unique feature. It can establish an entire bi-directional Telnet session to a target host never sending your real IP and MAC addresses in any packet. Using "MAC Spoofing", "IP Spoofing" and "ARP Poisoning" techniques, sTerm can effectively bypass Firewall rules, ACLs and IP restrictions on servers and network devices.


Hardware Tools


Write Blockers:

The UltraKit is a portable kit which contains a complete family of UltraBlock hardware write blockers for use in acquiring a forensically sound image of virtually any hard drive you may encounter. The UltraKit is a complete arsenal of FireWire (A/B) / USB (1.x/2.0) Interface Parallel IDE, Serial ATA and SCSI Hardware Write Blockers. The UltraKit contains all the write blockers, cables, adapters, and power supplies necessary for use in acquiring images in the field using a standard laptop with FireWire or USB support. The UltraKit consists of a Write Protected UltraBlock IDE / SATA, UltraBlock SCSI and a Write Enabled UltraBlock IDE / SATA. Simply select the appropriate Write Protected UltraBlock and attach it to the source drive, attach your target drive to the Write Enabled UltraBlock IDE / SATA, and use your desktop or laptop to acquire a forensically protected disk image.
The UltraBlock USB is included with the UltraBlock + UltraBlock USB kit above. The UltraBlock Forensic USB Bridge brings secure, hardware-based write blocking to the world of USB mass storage devices.


Training


Forensic Tool Kit

The Forensic toolkit can parse a number of filesystems, including FAT 12/16/32, NTFS, NTFS Compressed, Ext2, and Ext3. It can use image files created by EnCase, SMART, Snapback, some versions of Safeback and dd. The program allows users to search with keywords or take advantage of drive indexing using the dtSearch algorithm.


EnCase

Guidance Software offers training on all computer and enterprise investigation topics: enterprise investigations, including eDiscovery and computer security incident response, and forensic investigations, including law enforcement and fraud investigations. There is training that provides participants with an understanding of the proper handling of digital evidence from the initial seizure of the computer/media to acquisition, and then progresses to the analysis of the data. It concludes with archiving and validating the data.


FLETC – Federal Law Enforcement Training Center

The FLETC serves as an interagency law enforcement training organization for more than 80 Federal agencies. The Center also provides services to state, local, and international law enforcement agencies.

IP3

To help countries achieve economic growth and sustainable development, IP3 offers a diverse menu of off-the-shelf, customized, regional, and online training courses and workshops. At IP3, there is a tremendous opportunity to integrate information communication technology services into education and training.