Collect data for Digital Forensic
From Zam Wiki
1. Wipe hdd
sudo shred -v -n 0 -z /dev/sdc
2. Check byte in harddisk that was replaced by 0 or not.
sudo xxd -a /dev/sdc
3. MD5Sum Source (Evidence)
sudo md5sum /dev/sdb
4. Copy from evidence (/dev/sdb/) to hdd (/dev/sdc)
sudo dd if=/dev/sdc bs=512 count=499712 | md5sum
or create image from source
dcfldd if=/dev/sdb hash=md5 of=/media/diskimage.dd bs=512 noerror
Credit to r00tsec blog [1]