
Forensia

Free

Forensia is an anti-forensics tool designed for Red Teamers to erase footprints in the post-exploitation phase, reducing payload burnout and increasing detection countdown. It can be used to test the capabilities of incident response and forensics teams. Its capabilities include unloading the Sysmon driver, Gutmann method file shredding, a USNJrnl disabler, a prefetch disabler, a log eraser, an event log disabler, a user assist update time disabler, an access time disabler, file melting, and clearing of recent items, the Shim cache, RecentFileCache, ShellBag, and Windows Defender quarantine files, and more. The ability to clear recent items, the Shim cache, RecentFileCache, ShellBag, and quarantine files was added in an important update. Upcoming features include USNJrnl execution on all disk drives, unallocated space rewriting, and further enhancements. Credits to various contributors are acknowledged.


ALTERNATIVES

Create checkpoint snapshots of the state of running pods for later off-line analysis.

A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.

A command-line utility to show and change EXIF information in JPEG files.

A user-friendly and fast Forensic Analysis tool with features like tagging files and generating preview reports.

Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.

ID-spoofing NFS client.

Analyzing WiFiConfigStore.xml file for digital forensics on Android devices.

A library to access and parse Windows NT Registry File (REGF) format.