Clear the Logs & History on Linux Systems to Delete All Traces You Were There [Tutorial]

Get Our Premium Ethical Hacking Bundle (90% Off):

How to Wipe All Proof You Were in a Linux System
Full Tutorial:
Subscribe to Null Byte:
Nick’s Twitter:

Cyber Weapons Lab, Episode 216

When somebody’s computer is compromised, the hacker gains almost full control over that computer, allowing them to set up payloads such as reverse persistent shells or keystroke duplicators. However, when the hacker is setting up their payloads, they can leave behind traces that they were there. This evidence takes form in the Bash command history or the files they leave behind that were needed to set up the payload.

If the hacker was smart, they would delete the command history and any files that are not necessarily to make the payload work. Doing so will decrease the chance that the
hacker will get caught and will increase the chance that the payload is effective.

In this episode of Cyber Weapons Lab, we’ll be going over drd_’s article on Null Byte to see how a hacker would go about wiping their tracks. Knowing this will help you drill down to information the hacker may have missed during advanced digital forensics.

To learn more, check out drd_’s full article on Null Byte:

Follow Null Byte on:
Vimeo: ByteRead More