A high-performance, precision CLI framework to eradicate digital footprints, software traces, and operational residue.
Built for power users and blue-team operators running on Windows and Linux systems.

---

🌌 Overview

NullTrace is the evolution of legacy system cleaning tools perfectly adapted for modern architectures. Instead of blindly deleting files, NullTrace employs a clinical, category-based extraction framework.

By orchestrating deep-dive cleaning scripts across 28 distinct profiles (including Chromium-engine browsers, decentralized messengers, Docker containers, and hidden registry hives), NullTrace ensures operational hygiene with surgical precision.

With its built-in DoD 5220.22-M secure wipe methodology, network footprint eradication (DNS/ARP), and a fully interactive CLI dashboard mapped through rich, it establishes a new standard for operational security.

---

⚡ Key Capabilities

• Interactive Dashboard: Toggle exactly what you need wiped via a beautiful, responsive TUI.
• DoD Wipe Protocls: Multi-pass randomized overwriting (--wipe 3) ensures data cannot be recovered by forensic software.
• Deep-Browser Eradication: Targets obscure User Data caches, IndexedDBs, Crashpads, and GPUCaches across all Chromium derivatives (Chrome, Edge, Brave, Opera) and Firefox.
• Network Ghosting: Native capabilities to flush the DNS resolver pool and reset ARP routing caches.
• Developer Cleanups: Seamlessly targets heavy, leftover artifacts from npm, pip, git-credentials, and Docker.
• Absolute Transparency: Built-in --dry-run sandbox to evaluate impact before execution, and --log generation for strict deployment auditing.

---

🛠 Installation

Deploy NullTrace in an isolated environment using the latest release.

# Clone the repository
git clone https://github.com/benzoXdev/NullTrace.git

# Enter the directory
cd NullTrace

# Ensure dependencies are loaded
pip install -r requirements.txt

---

🕹 Operation & Syntax

Launch into the interactive terminal UI to manually select targeted categories:

python nulltrace.py

Automation & Parameters

NullTrace supports extensive CLI arguments for automated and headless operational workflows.

Flag	Argument	Description
--all	-a	Selects all 28 categories and executes fully autonomously.
--dry-run	-d	Safe Mode: Simulates the entire process without altering the disk.
--category	-c <name>	Target isolated footprints (e.g., -c Firefox Discord).
--wipe	-w <count>	Defines structural overwrite passes (1 by default, 3 for DoD Sec Wipe).
--log		Compiles a full forensic audit trail in the Logs/ directory.
--elevate	-e	Forces privilege escalation (UAC/sudo) natively before execution.
--silent	-s	Suppresses per-file console output for operational stealth.
--list	-l	Lists all active categories registered in the engine matrix.

Advanced Execution Example:

# Securely wipe dev environments and browsers with a DoD 3-pass and save an audit log
python nulltrace.py --category Docker npm "Google Chrome" Discord --wipe 3 --log --no-confirm

---

🎯 Targeted Operations Matrix (28 Core Modules)

NullTrace uses decoupled JSON rule clusters to hit exact metadata vectors. Supported frameworks include:

🌍 Browsers & Connectivity: Google Chrome | Microsoft Edge | Brave Browser | Opera Browser | Firefox | Tor Browser | Mullvad VPN

💬 Secure Communications: Discord (Stable/Canary/PTB) | Signal | Session | Telegram | Slack

👨‍💻 Development & Engineering: Visual Studio Code | Docker | Git | npm | pip | MySQL | EmEditor | Modern CSV

🗄 Core Protocol Systems: Windows System Traces | DNS/ARP Caches | Registry HIVES | Trash/Recycle Bin | LibreOffice | CCleaner | WinRAR

---

🔒 Security Disclaimer

Warning

NullTrace inherently executes destructive actions using native kernel handles or file-system level modules. When run with --wipe, standard recovery applications (e.g. Recuva) will fail drastically. It is vital to utilize the --dry-run parameter before live deployment on critical environments.

---

Architected by benzoXdev
Released under the MIT License • 2026