Lib.rs

Security | Command line utilities
#wipe #secure #shred #delete #file

app fw-rs

A forensic-grade file destruction utility for securely overwriting and deleting files/directories

Owned by amirhosseinghanipour.

2 releases

Uses new Rust 2024

0.1.1 Jul 31, 2025
0.1.0 Jul 31, 2025

#178 in Security

22 downloads per month

GPL-3.0 license

24KB
466 lines

FileWipe (fw-rs)

fw is a forensic-grade file destruction utility for securely overwriting and deleting files/directories.

⚠️ Critical Security Warning

No software tool can guarantee perfect data erasure on modern hardware. You must understand the limitations:

  • SSDs: SSDs use wear-leveling algorithms. When you "overwrite" a file, the drive's controller may write the new data to a different physical location.
  • Journaling Filesystems: Filesystems keep metadata logs and may have copies of your file's data stored in the journal.

For wiping data on magnetic media or in controlled environments, fw is a powerful tool. For absolute, guaranteed data destruction on modern drives, the only certain method is physical destruction. For SSDs, consider using firmware-level commands like ATA Secure Erase.

Features

  • Multiple Sanitization Methods: Choose your level of paranoia.
    • default: A strong and fast 3-pass overwrite with cryptographically secure random data.
    • dod-5220.22-m: A 7-pass method compliant with the U.S. Department of Defense standard.
    • gutmann: The legendary 35-pass method designed to defeat even advanced hardware recovery techniques on older magnetic drives.
  • Concurrency: Uses a thread pool to wipe multiple files simultaneously using all your CPU cores.
  • Security First:
    • Refuses to operate on symbolic links to prevent accidental data loss.
    • Identifies and refuses to touch special device files.
    • Uses OsRng for a cryptographically secure source of randomness.
  • Anti-Forensics: Obfuscates file size and renames files to random strings before unlinking to erase metadata.

Installation

Install directly from crates.io:

cargo install fw-rs

Make sure ~/.cargo/bin is in your PATH.

Usage

The command is fw.

Wipe a single file with default settings:

fw /path/to/sensitive-document.txt

Wipe multiple files using the DoD method with 8 threads and verbose output:

fw -j 8 --method dod-5220.22-m --verbose report.docx spreadsheet.xlsx plans.pdf

Recursively and forcibly wipe an entire directory: WARNING: This is extremely destructive. Use with extreme caution.

fw --recursive --force /path/to/project-to-be-erased/

See all available options:

fw --help

Wipe Methods Explained

Method Passes Description
default 3 A fast and secure 3-pass overwrite with CSPRNG random data. A solid balance of speed and security for most use cases.
dod-5220.22-m 7 Implements the DoD 5220.22-M standard. Uses passes of zeros, ones, and random data with verification. A common choice for compliance.
gutmann 35 The most extreme software-based method. Uses a complex sequence of patterns. Largely overkill for modern drives but a recognized standard.

License

This project is licensed under the GPL-3.0 License.

Contributing

Contributions, bug reports, and pull requests are welcome. Please open an issue in the repository to discuss any changes.

Dependencies

~2.1–3MB
~52K SLoC