Anti-forensic techniques

From Forensics Wiki
Revision as of 08:22, 30 October 2005 by Jessek (Talk | contribs)

Jump to: navigation, search

Engaging in behavior designed to frustrate computer forensic techniques. This can include refusing to run when debugging mode is enabled, refusing to run when running inside of a virtual machine, or deliberately overwriting data. Although some anti-forensic tools have legitimate purposes, such as overwriting sensitive data that shouldn't fall into the wrong hands, like any tool they can be abused.