Anti Forensic ToolsRSS

Anti-Forensic Tools

 

This page has raised a few eyebrows in it's time because it details products that could thwart a forensic investigation. The information isn't provided to assist anyone in avoiding prosecution, but to help forensic tool developers build better products and to assist forensic investigators in understanding what they may be up against.  Before publishing this page advice was sought from the UK National High Tech Crime Unit (NHTCU), They felt that many of the rogues who may benefit from the products on this page were already aware of them.  We therefore see this page as no different than publishing vulnerabilities and exploits for applications and operating systems that are already on the street.

srm

GPL
Pricing Model

srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examina ...

Modified
GPL
Pricing Model

ya-wipe is a tool that effectively degausses the surface of a hard disk, making it virtually impossible to retrieve the data that was stored on it. This tool is designed to make sure that sensitive data is completely erased from magnetic media.

Modified
Salvatore Sanfilippo
GPL
Pricing Model

Overwrite is a UNIX utility that try to make harder data recovering. What overwrite does is to overwrite files using random patterns and deterministic patterns, as suggested in the Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-Sta ...

Modified
Freeware
Pricing Model

Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for ...

Modified
Phil Howard.
COMMERCIAL
Pricing Model

Diskzapper Dangerous automatically begins erasing all the disks as soon as the booting process is completed. No user action is required. This was intended to be used on computers for which it is not convenient to plug in a keyboard and monitor.

Modified
COMMERCIAL
Pricing Model

BCWipe can be run from My Computer as well as from a command-line prompt. BCWipe v.3 is a powerful set of utilities which complies with the US DoD 5200.28-STD standard and Peter Gutmann wiping scheme. You can also create and use you own customized wiping ...

Modified
Arne Vidstrom
Freeware
Pricing Model

Includes file encryption tools that can encrypt with either 3-DES or IDEA.

Modified
Cypherix Encryption Software
Commercial
Pricing Model

Secure IT 2000 is an easy to use, feature packed, file and folder encryption program based on 448-bit strong encryption using the Blowfish algorithm. It includes a customizable file shredder, and the ability to generate self decrypting email attachments.

Modified
BAxBEx Software
COMMERCIAL
Pricing Model

CryptoMite enables you to encrypt, decrypt, and wipe files and folders of any type. It supports various encryption engines, along with ZIP compression. Functions to build self-extracting encrypted ZIP files and e-mail capabilities are also included.

Modified
Robin Hood Software Ltd.
COMMERCIAL
Pricing Model

Evidence Eliminator destroys: Windows SWAP file, Windows Application logs, Windows Temporary Files, Windows Recycle Bin, Windows Registry Backups, Windows Clipboard Data, Start Menu Recent Documents history, Start Menu Run history, Start Menu Find Files ...

Modified
Naval Criminal Investigative Service (NCIS)
COMMERCIAL
Pricing Model

Tracks Eraser Pro is designed to protect you by cleaning up all the tracks of Internet activities on your computer. With only one click, Tracks Eraser allows you to erase the cache, cookies, history, typed URLs, autocomplete memory, index.dat from your br ...

Modified
Mares and Company, LLC
COMMERCIAL
Pricing Model

The program is designed to "wipe" hard disks to meet Department of Defense standards from the Rainbow series concerning declassification (wiping) of hard disks and cleansing of floppy disks. Declasfy writes the entire disk with hex 0s, then 1s (0xff), the ...

Modified
Commercial
Pricing Model

east-tec InvisibleSecrets is a steganography and file encryption software that allows you to encrypt file and folder structures that contain confidential data and hide files, making it completely invisible to any user. Other useful features include: Powe ...

Modified
Invisible Secrets
Digital Confidence Ltd.
Commercial
Pricing Model

BatchPurifier is a tool to remove hidden data & metadata from multiple files. It is able to remove more than 50 types of hidden data from 20 file types, including Microsoft Office ...

Modified
Open Source
Pricing Model

Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and follows the tru ...

Modified
Jake Williams
Open Source
Pricing Model

ADD is a physical memory anti-analysis tool designed to pollute memory with fake artifacts. This tool was first presented at Shmoocon 2014. Please note that this is a proof of concept tool. It forges OS objects in memory (poorly). It would be easy (very e ...

Modified
Freeware
Pricing Model

DBAN is free erasure software designed for the home user. It automatically deletes the contents of any hard disk that it can detect. This method can help prevent identity theft before recycling a computer. DBAN is also a commonly used solution to remove v ...

Modified
Data Wiping Software
Commercial
Pricing Model

Erase data securely from PCs, laptops, servers and storage environments. This fully automated and centrally managed erasure solution offers cutting edge efficiency and productivity. The most advanced data erasure solution on the market, this next generati ...

Modified
Commercial
Pricing Model

Blancco Flash ensures data erasure before you dispose of your digital storage media. It permanently erases data from various solid-state removable storage media such as USB thumb drives, Secure Digital (SD) memory cards, CompactFlash cards, Microdrives an ...

Modified
Blancco Flash
Commercial
Pricing Model

Developed as a total data destruction solution for organizations, Ontrack Eraser Degausser is an in-house, do-it-yourself solution for large volumes of damaged or end-of-life devices.     Erase 100 percent of data in just seconds. &nbsp ...

Modified
Ontrack Eraser Degausser

© Computer Network Defence Limited 2021