Skip to content
/ AntiForensics Public

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

License

GPL-3.0 license
10 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tt-viic/AntiForensics

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
AntiForensics.ps1
AntiForensics.ps1
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

AntiForensics

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

It is incorporated that the downloaded executable is decrypted by the script so that the anti virus cannot detect the download and for ultimate security the executable, apart from being encrypted, would be compressed in a folder with 7zip.

So as you can imagine this is a nuisance for any anti virus to detect it on the fly, and as it runs in memory we only have to take care of the heuristic in execution of what we download and it will work without problems. this address

CONTACT-SUGGESTIONS

Any doubt / suggestion / collaboration contact me by mail at viic@tutanota.com

HackingEspaña_transparente

About

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

Topics

windows tool powershell awsome antivirus powershell-script powershell-scripts forensic-analysis forensic undetectable forensics-investigations windows-terminal

Resources

Readme

License

GPL-3.0 license
Activity

Stars

10 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages