прочее Faded Memories

leonides · 17.02.2025

Features :

1. Advanced File and Directory Management

Secure File Wiping: Overwrites files with random data before deletion to prevent recovery.
Stealth File Deletion: Uses low-profile file removal.
Recursive Directory Wiping: Removes all files and subdirectories in a specified folder.

2. System Log Handling

Stop Event Logging: Disables the Windows Event Log service to reduce audit trails.
Clear System Logs: Removes or truncates .evtx log files in critical directories.

3. Anti-Forensics Techniques

Self-Deletion: Deletes its executable file after execution.
Critical API Unhooking: Detects and unhooks common API hooks placed by security products or monitoring tools.

4. "Nuke" Mode

5. Customizable Execution

Command-Line Arguments:
- nuke: Erase all non-system files on all connected disks to the machine.
- logs: Stop event logging and clear logs.
- <path>: Wipe a specific directory.
- file <path_to_file>: Securely process a single file.
- * : delete all files and directories at the same location
- self-delete: Perform self-rewrite and delete .

Benefits :

Efficiency in Covering Tracks
- The tool ensures minimal traces are left after an operation, reducing the chances of detection or forensic recovery.
Operational Stealth
- API unhooking and stealth deletion bypass many endpoint detection and response (EDR) tools.
Flexibility
- Multiple modes of operation allow for tailored usage depending on the hacker objective.
Adaptability
- Easily integrate with other tools in a red team's arsenal for enhanced post-exploitation workflows.
Self-Sustainability
- The self-deletion mechanism ensures no lingering executable files after use.

Highlights :

Secure and Customizable:
- Designed for professional use cases with a focus on secure, stealthy operations.
No Residual Risk:
- Built with safeguards to avoid unintended damage to critical system directories