Repository navigation
antiforensics
- Website
- Wikipedia
BleachBit system cleaner for Windows and Linux
HiddenVM — Use any desktop OS without leaving a trace.
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.
ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teaming and anti-forensics purposes.
Wipe files and drives securely with random ASCII dicks
Wipe files and drives securely with randoms ASCII dicks
A simple Metadata Removal Tool for images and videos using exiftool and ffmpeg in C and Python3.
An application designed to silently protect user data from powerful adversaries.
A python script to decrypt Cellebrite UFED EPR files.
A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add.
An IOC collection for the Cellebrite UFED forensic toolkit.
tamper resistant audit log
[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
benzyne is a data-hiding library written in pure PHP, intended for hiding data on any Windows machine.
PNG file parser, for forensic/anti-forensic purposes primarily.
A tool to spoof a forensics investigator by randomising the hardware clock so it is difficult to tell when a files were written, making the job much harder and time consuming.
Pagarus Webshell - Windows webshell with command line obfuscation.
Anti Forensic Detection Tool, multifunctional application to detect the presence of anti-forensic techniques in Windows systems. It was my Master's Thesis, in the cybersecurity master's degree that I did with the IMF Smart Education school and the Deloitte company.
Linux internals explorations
Very very basic program to wipe free space on a drive, that can run on just bash. No other dependencies or libraries necessary (The aim was to have it run on android with bash installed)