Must Read

Anti-forensics involves the use of tools and techniques to frustrate a digital forensics investigation.

These techniques are designed to eliminate, alter, or disguise digital evidence in a manner that makes it challenging or impossible for forensic analysts to collect, analyze, or interpret it effectively. Anti-forensic methods can include data encryption, file obfuscation, data wiping, the use of steganography to hide data within other files, altering file timestamps to disrupt timeline analysis, and the use of sophisticated malware to compromise forensic tools.

The goal of anti-forensics is not only to protect information from unauthorized access but also to create a digital environment where forensic investigators are unable to ascertain the original actions or intentions of the user, thereby ensuring privacy or concealing illicit activities. As digital forensic techniques evolve to become more sophisticated, so too do the anti-forensic methods employed to counteract them, leading to a continuous cat-and-mouse dynamic between investigators and individuals seeking to evade detection.

How Viable is a File System Mini-Filter Driver for Whitelisting File Modifications on a Windows Volume (ransomware protection)?

The type of mini-filter described in this context is a File System Mini-Filter Driver, specifically designed to intercept and control file I/O operations on...

Python XOR – Running Encrypted Python Code from Memory

This program decrypts XOR-encrypted ciphertext (Python code) in memory and executes it when provided the correct passphrase or key.

Generate an Unlimited Amount of VeraCrypt Containers

The major goal of this software is to frustrate a digital forensics examination by overwhelming an investigator with encrypted containers.

LSB Steganography Password Protect with Encryption in Python using PNG Files

This software implements password-protected LSB steganography, as described and demonstrated in the link above, and adds message encryption: the user can encrypt their hidden message with Fernet using a passphrase.

LSB (Least Significant Bit) Steganography in Python using PNG Files

Using LSB steganography in Python to hide a message in a PNG. Embed and extract hidden messages using Least Significant Bit steganography.

Steganography by File Appending – Hiding a zip File in a jpg

Appending a ZIP file to the end of a JPG image is a straightforward process because the JPEG format's structure allows the image to remain valid and viewable in image viewers, while the ZIP file remains accessible with archive managers.

Jennifer Funk – To VPN or not to VPN with TOR

Food for thought and lunch time entertainment. To VPN or not to VPN when using TOR. You may think "Always VPN! No doubt!" Not so fast... check out this video for the pros and cons of using a VPN with TOR.

Tails Version 6.0 – 2/27/2024

We are very excited to present you Tails 6.0, the first version of Tails based on Debian 12 (Bookworm) and GNOME 43. Tails 6.0 brings new versions of most of the software included in Tails as well as several important security and usability improvements.

Disable bash History on Debian 12 for a Single User

While .bash_history is the default for storing command history in Bash, users can configure a different filename, location, or disable bash history by setting the HISTFILE environment variable.

Metasploit Meterpreter timestomp and Verification with Autopsy

Timestomping is a technique used to manipulate the timestamps associated with files on a computer system, such as the creation, modification, and access times, in order to conceal or alter the chronological history of a file's activity.

Python cryptography Package Updated 2/23/2024

cryptography is a package which provides cryptographic recipes and primitives to Python developers. Our goal is for it to be your “cryptographic standard library”.

Simple File Wiping on Linux using shred and dd

Use the strings command again, but specify the encoding option: strings data01 -e {b,l}. Remember when the "test" file was deleted? The rm command was used, not shred. Because of this, the file name data still resides in the file table and is recoverable.

Reading the Notepad Tab Cache

This software will gather notepad.exe tab cache data and print it to standard output in json format. Notepad keeps a cache of open tabs, meaning it remembers which files or documents you have open in the editor even if you close Notepad and reopen it later.

Disabling UserAssist in Registry

UserAssist registry forensics is a method used to investigate the activity of users on a Windows operating system.

Simple C# Timestomp

SharpTimestomp.exe is a simple proof-of-concept timestomp application that modifies date/time values for the file indicated in the arguments.

SimpleWiper Suite – Wiping Files With C#

The SimpleWiper suite of tools includes a SimpleFileWiper application. This application will calculate the size of the file to be deleted. It will then overwrite the file with random data.

C# – Kill Process (FTK Imager)

Simple C# application demonstrating how to kill running processes, in this case the digital forensics software FTK Imager.

sprung – Reboot Operating System (Linux) When a Thumbdrive is Removed

sprung is a simple script that scans for a device ID and the serial number for a particular device. If the device is removed or malfunctions so that either the device ID or the serial number change or become unreadable, a forced system reset occurs using a Magic SysRq Key routine.

shkval – Remote Wiping Software for Linux

shkval is an example of remote wiping software that can be used on any Linux system utilizing nftables. nft rules are set up on the server so that packet data, including TCP options, are stored in entries logged to dmesg. This means we do not need to bind to a socket to send commands to the system.

C# AES-256 CBC Encryption and Decryption (SimpleEncryptor) Source Code/GitHub

Learn to encrypt and decrypt files in C# using AES-256 in CBC mode; the source code is available on GitHub.

BASIC THREAT FEED

Free
Free Anti-Forensics Threat Feed
  • One global location
  • Performance report
  • Email notifications
  • Continuous import
  • API integration
  • Reusable snippets
  • Standard support