Forensia
Anti Forensics Tool For Red Teamers, Used For Erasing Some Footprints In The Post Exploitation Phase.
Reduces Payload Burnout And Increases Detection Countdown. Can Be Used To Test The Capabilities Of Your Incident Response / Forensics Teams.
Capabilities
- Unloading Sysmon Driver.
- Gutmann Method File Shredding.
- USNJrnl Disabler.
- Prefetch Disabler.
- Log Eraser And Event Log Disabler.
- User Assist Update Time Disabler.
- Access Time Disabler.
- Clear Recent Items.
- Clear Shim Cache.
- Clear RecentFileCache.
- Clear ShellBag.
- Delete Windows Defender Quarantine Files.
- File Melting Capabilities.

Important Update
Added:
- Clear Recent Items
- Clear Shim Cache
- Clear RecentFileCache
- Clear ShellBag
- Clear Quarantine Files
TODO
- [ ] USNJrnl Execution On All Disk Drives.
- [ ] Unallocated Space ReWriting.
- [x] A Bit of Polishing.
Credits
https://github.com/Naranbataar/Corrupt
https://github.com/LloydLabs/delete-self-poc
https://github.com/OsandaMalith/WindowsInternals/blob/master/Unload_Minifilter.c
https://stackoverflow.com/users/15168/jonathan-leffler
https://github.com/GiovanniDicanio/WinReg
