Anti Forensic ToolsRSS

Anti-Forensic Tools

 

This page has raised a few eyebrows in it's time because it details products that could thwart a forensic investigation. The information isn't provided to assist anyone in avoiding prosecution, but to help forensic tool developers build better products and to assist forensic investigators in understanding what they may be up against.  Before publishing this page advice was sought from the UK National High Tech Crime Unit (NHTCU), They felt that many of the rogues who may benefit from the products on this page were already aware of them.  We therefore see this page as no different than publishing vulnerabilities and exploits for applications and operating systems that are already on the street.

srm

GPL
Pricing Model

srm is a secure replacement for rm(1). Unlike the standard rm, it overwrites the data in the target files before unlinking them. This prevents command-line recovery of the data by examining the raw block device. It may also help frustrate physical examina ...

Modified
GPL
Pricing Model

ya-wipe is a tool that effectively degausses the surface of a hard disk, making it virtually impossible to retrieve the data that was stored on it. This tool is designed to make sure that sensitive data is completely erased from magnetic media.

Modified
Freeware
Pricing Model

Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for ...

Modified
Commercial
Pricing Model

BCWipe can be run from My Computer as well as from a command-line prompt. BCWipe v.3 is a powerful set of utilities which complies with the US DoD 5200.28-STD standard and Peter Gutmann wiping scheme. You can also create and use you own customized wiping ...

Modified
BCWipe
Arne Vidstrom
Freeware
Pricing Model

Includes file encryption tools that can encrypt with either 3-DES or IDEA.

Modified
Cypherix Encryption Software
Commercial
Pricing Model

Secure IT 2000 is an easy to use, feature packed, file and folder encryption program based on 448-bit strong encryption using the Blowfish algorithm. It includes a customizable file shredder, and the ability to generate self decrypting email attachments.

Modified
Naval Criminal Investigative Service (NCIS)
COMMERCIAL
Pricing Model

Tracks Eraser Pro is designed to protect you by cleaning up all the tracks of Internet activities on your computer. With only one click, Tracks Eraser allows you to erase the cache, cookies, history, typed URLs, autocomplete memory, index.dat from your br ...

Modified
Commercial
Pricing Model

east-tec InvisibleSecrets is a steganography and file encryption software that allows you to encrypt file and folder structures that contain confidential data and hide files, making it completely invisible to any user. Other useful features include: Powe ...

Modified
Digital Confidence Ltd.
Commercial
Pricing Model

BatchPurifier is a tool to remove hidden data & metadata from multiple files. It is able to remove more than 50 types of hidden data from 20 file types, including Microsoft Office ...

Modified
Jake Williams
Open Source
Pricing Model

ADD is a physical memory anti-analysis tool designed to pollute memory with fake artifacts. This tool was first presented at Shmoocon 2014. Please note that this is a proof of concept tool. It forges OS objects in memory (poorly). It would be easy (very e ...

Modified
Freeware
Pricing Model

DBAN is free erasure software designed for the home user. It automatically deletes the contents of any hard disk that it can detect. This method can help prevent identity theft before recycling a computer. DBAN is also a commonly used solution to remove v ...

Modified
Data Wiping Software
Commercial
Pricing Model

Erase data securely from PCs, laptops, servers and storage environments. This fully automated and centrally managed erasure solution offers cutting edge efficiency and productivity. The most advanced data erasure solution on the market, this next generati ...

Modified
Commercial
Pricing Model

Blancco Removable Media Eraser is deliverable as a simple desktop application, or an MSI package delivered to multiple users, allowing single data erasure processes or simultaneous erasure. Achieve Compliance Securely erase removable media to improve dat ...

Modified
Blancco Removable Media Eraser
Commercial
Pricing Model

Guarantee your data has been erased from any type of drive in desktop/laptop computers, servers and storage environments. Blancco’s secure erasure methods ensure data is written across the full logical capacity of the drive (and not just compressed). &nb ...

Modified
Blancco Drive Eraser
Commercial
Pricing Model

Blancco Mobile is designed to securely erase your smartphone’s internal and external memory. Restoring factory settings does not ensure that data is permanently destroyed, because your data can still be recovered afterwards. With Blancco Mobile, all user ...

Modified
Blancco Mobile
Stellar Data Recovery

Bitraser is a certified and secure data erasing software which permanently deletes hard disk data beyond the scope of data recovery. It supports multiple international erasure standards such as DoD 3 passes / 7 passes and NIST.

Modified
Bitraser