The Grugq has contributed greatly to the anti-forensics community during the course of his computer forensic and anti-computer forensic research. The video below is a presentation The Grugq performed at the Hack in the Box 2004 security conference. Apparently, The Grugq has lost a job as a security consultant in the past because of his research and articles dealing with anti-forensics or more specifically, his criticism of some computer forensics software such as The Coroners Toolkit by Dan Farmer and Wietse Venema.
This must watch presentation on anti-forensics will familiarize you on Unix file system structure, common forensic tools (at least in 2004) and some theories behind file system anti-forensic attacks.
Recent Comments