[SDELETE]
Secure file deletion tool for data destruction, evidence cleaning, and compliance with data protection standards
Difficulty: Beginner
Category: Security
Important Warning
SDelete permanently destroys data and cannot be undone. Ensure you have proper authorization and backups before using this tool. Misuse can result in irreversible data loss.
Key Features
Secure Overwriting
Multi-pass data overwriting prevents recovery
DoD Standards
Compliant with military data destruction standards
Free Space Cleaning
Clean free space to remove deleted file remnants
Command Line
Scriptable for automated secure deletion tasks
Basic Usage
File Deletion
# Securely delete a file
sdelete -p 3 sensitive_document.docx
# Delete file with zero-fill (single pass)
sdelete -z sensitive_data.txt
# Delete entire directory
sdelete -p 3 -s C:\\temp\\confidential
Free Space Cleaning
# Clean free space on drive
sdelete -c C:
# Multi-pass free space cleaning
sdelete -p 7 -c D:
# Zero-fill free space
sdelete -z -c E:
Command Line Options
| Option | Description | Example |
|---|---|---|
| -p [passes] | Number of overwrite passes (1-99) | sdelete -p 7 file.txt |
| -z | Zero-fill (single pass with zeros) | sdelete -z document.pdf |
| -c | Clean free space on drive | sdelete -c C: |
| -s | Recurse subdirectories | sdelete -s C:\\folder |
| -q | Quiet mode (no prompts) | sdelete -q -p 3 file.txt |
| -r | Remove read-only attribute | sdelete -r readonly.txt |
Security Standards & Methods
DoD 5220.22-M
US Department of Defense standard for secure data destruction.
Pass 1: Write 0x00
Pass 2: Write 0xFF
Pass 3: Write random data
Peter Gutmann Method
35-pass method for maximum security on older drives.
Command:
sdelete -p 35 file.txtNIST 800-88
Current NIST guidelines for media sanitization.
Recommends: Single pass for modern drives
Zero-Fill Method
Single pass with zeros - fastest secure deletion.
Command:
sdelete -z file.txtSecurity Use Cases
🧹 Evidence Cleaning
Remove sensitive data during incident response and cleanup.
# Clean infected directories
sdelete -p 3 -s C:\\malware_samples
📋 Compliance Requirements
Meet regulatory requirements for secure data destruction.
# HIPAA/PCI compliant deletion
sdelete -p 7 patient_records.db
💻 System Decommissioning
Prepare systems for disposal or repurposing.
# Clean entire drive
sdelete -p 3 -c C:
🔒 Privacy Protection
Protect personal information from unauthorized recovery.
# Delete personal files
sdelete -z -s C:\\Users\\john\\Documents
Modern Storage Considerations
SSD Drives
- • SSDs use wear leveling and over-provisioning
- • Traditional overwriting may not reach all data
- • Use manufacturer's secure erase commands
- • Consider ATA Secure Erase for full drive wiping
Modern File Systems
- • TRIM support on SSDs
- • Copy-on-write file systems (ReFS, Btrfs)
- • Snapshots and versioning features
- • Cloud storage and automatic backups
Best Practices & Tips
Verify before deletion: Always confirm file paths and permissions before running SDelete
Use appropriate pass count: 3-7 passes sufficient for HDDs, 1 pass often adequate for SSDs
Clean free space regularly: Regularly clean free space to remove deleted file remnants
Consider file system features: Account for snapshots, versioning, and cloud sync
Test in safe environment: Practice with test files before using on production data