Giters

tt-viic / AntiForensics

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

forensic-analysisforensics-investigationsforensicwindowspowershellpowershell-scriptpowershell-scriptswindows-terminaltoolawsomeantivirusundetectable

AntiForensics

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

It is incorporated that the downloaded executable is decrypted by the script so that the anti virus cannot detect the download and for ultimate security the executable, apart from being encrypted, would be compressed in a folder with 7zip.

So as you can imagine this is a nuisance for any anti virus to detect it on the fly, and as it runs in memory we only have to take care of the heuristic in execution of what we download and it will work without problems. this address

CONTACT-SUGGESTIONS

Any doubt / suggestion / collaboration contact me by mail at viic@tutanota.com

HackingEspaña_transparente

About

This script allows us to perform an execution in the memory of the device without leaving traces for forensic analysts after its execution.

forensic-analysisforensics-investigationsforensicwindowspowershellpowershell-scriptpowershell-scriptswindows-terminaltoolawsomeantivirusundetectable

License:GNU General Public License v3.0

Languages

Language:PowerShell 100.0%