AUTHOR NAME

Max


Simple File Wiping on Linux using shred and dd

Use the strings command again, but specify the encoding option: strings data01 -e {b,l}. Remember when the "test" file was deleted? The rm command was used, not shred. The file name data still resides in the file table and is recoverable because of this.

Reading the Notepad Tab Cache

This software gathers notepad.exe tab cache data and prints it to standard output in JSON format. Notepad keeps a cache of open tabs, meaning it remembers which files or documents you have open in the editor even if you close Notepad and reopen it later.

Disabling UserAssist in Registry

UserAssist registry forensics is a method used to investigate the activity of users on a Windows operating system.

Simple C# Timestomp

SharpTimestomp.exe is a simple proof-of-concept timestomp application that modifies date/time values for the file indicated in the arguments.

SimpleWiper Suite – Wiping Files With C#

The SimpleWiper suite of tools includes a SimpleFileWiper application. This application will calculate the size of the file to be deleted. It will then overwrite the file with random data.

C# – Kill Process (FTK Imager)

A simple C# application demonstrating how to kill running processes, in this case digital forensics software.

sprung – Reboot Operating System (Linux) When a Thumbdrive is Removed

sprung is a simple script that scans for a device ID and the serial number for a particular device. If the device is removed or malfunctions so that either the device ID or the serial number changes or becomes unreadable, a forced system reset occurs using a Magic SysRq Key routine.

shkval – Remote Wiping Software for Linux

shkval is an example of remote wiping software that can be used on any Linux system utilizing nftables. nft rules are set up on the server so that packet data, including TCP options, are stored in entries logged to dmesg. This means we do not need to bind to a socket to send commands to the system.

C# AES-256 CBC Encryption and Decryption (SimpleEncryptor) Source Code/GitHub

Learn to encrypt files with C# using AES-256 in CBC mode. Source code is on GitHub.

FBI: Blind Faith Program

The Blind Faith Program is an analytical program which provides a technical countermeasures profile for targets of investigative interest to the FBI.
