http://www.anti-forensics.com Rendering computer investigations irrelevant Thu, 15 Dec 2011 07:57:59 +0000 en hourly 1 http://wordpress.org/?v=3.3 http://www.anti-forensics.com/the-risks-of-windows-hibernation-the-hiberfil-sys-and-web-browsing http://www.anti-forensics.com/the-risks-of-windows-hibernation-the-hiberfil-sys-and-web-browsing#comments Mon, 01 Feb 2010 17:17:32 +0000 Max http://www.anti-forensics.com/?p=704

Leave No Artifacts Behind – Linux Live CDs There are a few main reasons to use Linux Live...

Disable Thumbnail Caching and Wipe Thumbs.db files on a Windows XP System The thumbs.db file on a Windows XP system can be...

Full Disk Encryption With TrueCrypt on Windows XP TrueCrypt is a piece of amazing, free and open-source encryption...

]]> http://www.anti-forensics.com/the-risks-of-windows-hibernation-the-hiberfil-sys-and-web-browsing/feed 10 http://www.anti-forensics.com/beat-encase-file-signature-analysis-on-a-windows-system http://www.anti-forensics.com/beat-encase-file-signature-analysis-on-a-windows-system#comments Mon, 14 Sep 2009 07:28:24 +0000 Max http://www.anti-forensics.com/?p=564

Disable Thumbnail Caching and Wipe Thumbs.db files on a Windows XP System The thumbs.db file on a Windows XP system can be...

The Art of Defiling: Defeating Forensic Analysis on Unix Filesystems (Conference talk by The Grugq) The Grugq has contributed greatly to the anti-forensics community during...

The Rootkit Arsenal Escape and Evasion in the Dark Corners of the System by Bill Blunden The Rootkit Arsenal is primarily focused on rootkits, every aspect...

]]> http://www.anti-forensics.com/beat-encase-file-signature-analysis-on-a-windows-system/feed 9 http://www.anti-forensics.com/modify-ntfs-timestamps-and-cover-your-tracks-with-timestomp http://www.anti-forensics.com/modify-ntfs-timestamps-and-cover-your-tracks-with-timestomp#comments Thu, 05 Mar 2009 22:08:36 +0000 Max http://www.anti-forensics.com/?p=125

Modify TrueCrypt Encryption Boot Loader Strings In a previous post I mentioned that TrueCrypt leaves behind...

Beat EnCase File Signature Analysis on a Windows System Use a hex editor to modify the file signature of...

]]> http://www.anti-forensics.com/modify-ntfs-timestamps-and-cover-your-tracks-with-timestomp/feed 7 http://www.anti-forensics.com/modify-truecrypt-encryption-boot-loader-strings http://www.anti-forensics.com/modify-truecrypt-encryption-boot-loader-strings#comments Sun, 01 Mar 2009 10:16:23 +0000 Max http://www.anti-forensics.com/?p=159

Full Disk Encryption With TrueCrypt on Windows XP TrueCrypt is a piece of amazing, free and open-source encryption...

Using Just Full Disk Encryption is Not Enough So you've installed full disk encryption using TrueCrypt. You also...

Modify NTFS Timestamps and Cover Your Tracks With Timestomp.exe There have been a million articles written on using timestomp.exe....

]]> http://www.anti-forensics.com/modify-truecrypt-encryption-boot-loader-strings/feed 17