Anti-forensic technique

Definition

Any action taken by an attacker to destroy, conceal, or alter evidence of their activity. Common examples include log clearing, timestomping, use of encrypted channels, and deployment of rootkits.

Related terms

Credential stuffing
An automated attack that replays username-password pairs from previous data breaches against new target services, exploiting the widespread reuse of passwords across...
Lateral movement
Attacker activity after initial compromise in which the threat actor traverses from one internal system to another, typically to escalate privileges, access...
Living-off-the-land (LotL)
An attack approach where the adversary uses tools and binaries already present on the target system, such as PowerShell, WMI, certutil, or...
Privilege escalation
A post-access technique in which an attacker who has gained low-level access to a system exploits a vulnerability or misconfiguration to obtain...
Unauthorised access
The act of accessing a computer, network, or data store without permission from the owner or without lawful authority. The core element...

Explained in

  • Hacking and Unauthorised Access Offences
