ITM is an open framework - Submit your contributions now.

Anti-Forensics

Account Misuse

Clear Browser Artifacts

Clear Email Artifacts

Decrease Privileges

Delayed Execution Triggers

Delete User Account

Deletion of Volume Shadow Copy

Disk Wiping

File Deletion

File Encryption

Hide Artifacts

Hiding or Destroying Command History

Log Deletion

Log Modification

Modify Windows Registry

Network Obfuscation

Physical Destruction of Storage Media

Physical Removal of Disk Storage

Stalling

Steganography

Image Steganography

System Shutdown

Timestomping

Tripwires

Uninstalling Software

Virtualization

Windows System Time Modification

ID: AR5
Created: 22nd May 2024
Updated: 23rd April 2025

Anti-Forensics

The actions undertaken by a subject to frustrate any subsequent investigation.

Sections (26)