Get Our Premium Ethical Hacking Bundle (90% Off): https://nulb.app/cwlshop
How to Wipe All Proof You Were in a Linux System
Full Tutorial: https://nulb.app/x5osd
Subscribe to Null Byte: https://goo.gl/J6wEnH
Nick’s Twitter: https://twitter.com/nickgodshall
Cyber Weapons Lab, Episode 216
When somebody’s computer is compromised, the hacker gains almost full control over that computer, allowing them to set up payloads such as reverse persistent shells or keystroke duplicators. However, when the hacker is setting up their payloads, they can leave behind traces that they were there. This evidence takes form in the Bash command history or the files they leave behind that were needed to set up the payload.
If the hacker was smart, they would delete the command history and any files that are not necessarily to make the payload work. Doing so will decrease the chance that the
hacker will get caught and will increase the chance that the payload is effective.
In this episode of Cyber Weapons Lab, we’ll be going over drd_’s article on Null Byte to see how a hacker would go about wiping their tracks. Knowing this will help you drill down to information the hacker may have missed during advanced digital forensics.
To learn more, check out drd_’s full article on Null Byte: https://nulb.app/x5osd
Follow Null Byte on:
Vimeo: https://vimeo.com/channels/nullbyteNull ByteRead More