In this presentation we will review common anti forensic techniques and how using standard forensic tools we can detect, identify and sometimes recovery information that anti-forensic techniques attempt to hide. The majority of anti forenisc tools are targeted either at run time analysis with untrusted binaries or open source tools. We will run through several categories of anti forensic tools and how we can identify what is trying to be hidden from us and at times recover it.
This talk will focus mainly on Microsoft Windows operating systems, but the concepts can be applied to any operating system.