PaulDotCom mailing list archives
Anti-forensic tools
From: irongeek at irongeek.com (Adrian Crenshaw)
Date: Thu, 2 Jul 2009 10:53:26 -0400
Yep, apparently it does. It will be a pain in the butt to test them all, I'd have to: 1. zero out a drive. 2. Install Windows. 3. run the app in incognito mode. 4. dump the drive. 5. data carve it to see if anything is there. As a side note, anyone good out there with dd? I'd like to repeat the same file over and over againd to a block device. for example, I try: dd if=lemonparty.jpg of=\\.\f: bs=512 it only seems to put the file there once, not over the whole drive. I played with the count, but that only seems to deal with the bs (block size) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090702/ffb3e177/attachment.htm
Current thread:
- Anti-forensic tools, (continued)
- Anti-forensic tools Chris Merkel (Jul 01)
- Anti-forensic tools Jim Halfpenny (Jul 01)
- Anti-forensic tools Jody & Jennifer McCluggage (Jul 01)
- Anti-forensic tools Joel Folkerts (Jul 01)
- Anti-forensic tools Adrian Crenshaw (Jul 01)
- Anti-forensic tools Joel Folkerts (Jul 01)
- Anti-forensic tools Mad Marv (Jul 01)
- Anti-forensic tools Cody Ray (Jul 01)
- Anti-forensic tools Chris Merkel (Jul 01)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Dimitrios Kapsalis (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Joshua Wright (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Jim Halfpenny (Jul 02)
- Anti-forensic tools Grymoire (Jul 02)
- Anti-forensic tools Adrian Crenshaw (Jul 02)
- Anti-forensic tools Jim Halfpenny (Jul 02)
- Anti-forensic tools Jack Daniel (Jul 02)
- Anti-forensic tools Joshua Wright (Jul 02)
- Anti-forensic tools John Strand (Jul 03)
- Anti-forensic tools Adrian Crenshaw (Jul 03)