Forensic analysis of anti-forensic file-wiping tools on Windows.

This paper presents forensic analysis of anti-forensic file-wiping tools on the Windows platform. The goal is to identify and extract the evidence of the tools used to wipe files and the files wiped by them on the Windows operating system. To achieve this goal, we analyzed the changes made by these tools to metadata structures of Windows file systems during file wiping.