Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/PaulNorman01/Forensia

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
https://github.com/PaulNorman01/Forensia

anti-forensics evasion forensics post-exploitation redteam

Last synced: 2 months ago
JSON representation

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Awesome Lists containing this project

README 

        
# Forensia

**Anti Forensics Tool For Red Teamers, Used For Erasing Some Footprints In The Post Exploitation Phase.**



Reduces Payload Burnout And Increases Detection Countdown. Can Be Used To Test The capabilities of Your Incident Response / Forensics Teams.



## Capabilities



* Unloading Sysmon Driver.

* Gutmann Method File Shredding.

* USNJrnl Disabler.

* Prefetch Disabler.

* Log Eraser and Event log Disabler.

* User Assist Update Time Disabler.

* Access Time Disabler.

* Clear Recent Items

* Clear Shim Cache

* Clear RecentFileCache

* Clear ShellBag

* Delete Windows Defender Quarantine Files

* File Melting Capabilities.



![Screenshot](forensia.png)



## Important Update



Added:

* Clear Recent Items

* Clear Shim Cache

* Clear RecentFileCache

* Clear ShellBag

* Clear Quanatine Files



## TODO

- [ ] USNJRnl Execution On All Disk Drives.



- [ ] Unallocated Space ReWriting.



- [x] A Bit of Polishing.



## Credits



https://github.com/Naranbataar/Corrupt



https://github.com/LloydLabs/delete-self-poc



https://github.com/OsandaMalith/WindowsInternals/blob/master/Unload_Minifilter.c



https://stackoverflow.com/users/15168/jonathan-leffler



https://github.com/GiovanniDicanio/WinReg