Resources

Presentations

Academic

Computer/Digital Forensic Jobs

Anti-Forensic Tools

  • Date/Time Manipulation
    • TimeStomp.exe – A tool developed by James C. Foster and Vincent Liu to manipulate MACE values on an NTFS volume. ForensicWiki.org has more details on the history and capability of the tool.
    • Setmace.exe (http://reboot DOT pro/files/download/91-setmace/) – A tool developed by joakim that will modify both the Standard Information and File Name Attributes on a NTFS volume.
  • Slacker.exe – A tool developed by James C. Foster and Vincent Liu to hide data in the slackspace of files on an NTFS volume. ForensicWiki.org has more details on the history and capability of the tool.

Partitioning Scheme Analysis

Champlain College Digital Forensic Class Files

FOR270 – Anti-Forensics/Network Forensics

Malware

 

Leave a Reply