Skip to content
/ Anti-forensics-time-randomiser-linux Public

A tool to spoof a forensics investigator by randomising the hardware clock so it is difficult to tell when a files were written, making the job much harder and time consuming.

8 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

peter2233finn/Anti-forensics-time-randomiser-linux

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits

README.md

README.md

 
 

Randomise system time.sh

Randomise system time.sh

 
 

Write files with randomised time.sh

Write files with randomised time.sh

 
 

Repository files navigation

A tool to spoof forensic investigators by randomising the hardware clock. One script is for writing files with random timestamps, the other is for randomising the system time.

When a forensic investigator is examioning a computer, one of the most important things is the time files were written, making the job much harder and time consuming. I do not believe there is an option in linux to prevent timestamps when files are written.

Note: NTP clock must be turned off for this to work. If it is not the clock will stay synced using the NTP server instead of the hardware clock. It was tested on Arch Linux.

Feel free to fork and commit. Use the code for whatever you want.

About

A tool to spoof a forensics investigator by randomising the hardware clock so it is difficult to tell when a files were written, making the job much harder and time consuming.

Topics

linux forensics spoof antiforensics forensic-analysis anti-forensics foren hardware-clock

Resources

Readme
Activity

Stars

8 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages