Here are some high-level anti-forensics categories and concepts.

| Category | Goal |
|---|---|
| attack surface reduction | minimize exposure. leave minimal or no traces. |
| obfuscation and encryption | obscure meaning and intent |
| noise generation | overwhelm signal with noise |
| data prophylactics | prevent dumb mistakes |
| visibility gaps | operate where the adversary cannot see |
| living off the land | blend in and avoid attribution by using native tooling |
| behavioral evasion | avoid pattern-based attribution and detection |
| compartmentalization | isolate actions and identities |
| infrastructure hygiene | avoid using linkable infrastructure |
| environmental control | only trust the systems you control and know well |
| forensic resistance | survive postmortem analysis, poison or break forensic tooling. |
| false flag | mislead attribution efforts |