DWipe is a powerful cross-platform tool for securely wiping free space and formatting drives to prevent data recovery. It implements DoD-compliant multi-pass wiping methods to ensure that deleted data cannot be recovered using standard or advanced recovery tools.
- Cross-platform support: Works on macOS, Linux, and Windows
- Two operation modes:
- Free space wiping (securely wipes only unused space)
- Full disk formatting (erases entire drives securely)
- Advanced Security Features:
- HPA (Host Protected Area) removal and wiping
- DCO (Device Configuration Overlay) removal and wiping
- SMART data and logs clearing
- Drive cache and buffer flushing
- Remapped/reallocated sector handling
- Enhanced Secure Erase (when supported by drive)
- Firmware-level secure operations
- G-List (Growth Defect List) handling
- P-List (Primary Defect List) handling
- Service Area/System Area wiping
- Vendor-specific reserved area handling
- Configurable wiping patterns:
- Zero-fill (all zeros)
- One-fill (all ones)
- Random data (cryptographically secure random values)
- Alternating patterns
- "All" pattern (combines random, zeros, and ones in sequence)
- Special patterns (humor-based patterns)
- Multi-pass wiping: Perform up to any number of passes for enhanced security
- Progress tracking: Real-time progress bars and ETA calculations
- User-friendly interface: Colorful, intuitive console interface with clear status information
- Automatic filesystem detection: Identifies and works with all major filesystem types
While DWipe's multi-pass wiping is still valuable for SSDs by filling all user-accessible areas, it cannot guarantee access to wear-leveled blocks. For maximum security with SSDs:
- Use DWipe's format mode which combines formatting with free space wiping
- Follow up with a manufacturer's secure erase tool if available
- For sensitive data, consider using encryption from the beginning
Note: Some newer SSDs implement the TRIM command on secure erase, which may be effective in wiping data but might not meet the most stringent security requirements.
- Python 3.6 or higher
- pip (Python package manager)
- Administrative privileges (for disk operations)
-
Clone or download the repository:
git clone https://github.com/InfoSecREDD/DWipe.git cd DWipe -
Run the script directly:
python dwipe.py
The script will automatically set up a virtual environment and install required dependencies on first run.
DWipe will automatically install these in its virtual environment:
- tqdm (progress bars)
- colorama (cross-platform color support)
- psutil (disk information)
# Wipe free space (interactive mode)
python dwipe.py
# Wipe free space on a specific volume
python dwipe.py freespace -r /path/to/volume
# Format and securely wipe an entire disk
python dwipe.py format -d /dev/diskXThis mode securely wipes only the free space on a volume, leaving existing files intact:
# Basic free space wiping with interactive drive selection
python dwipe.py freespace
# Specify volume path
python dwipe.py freespace -r /path/to/volume
# Customize number of passes
python dwipe.py freespace -r /path/to/volume -p 7
# Specify pattern
python dwipe.py freespace -r /path/to/volume -t random
# Skip confirmation prompt
python dwipe.py freespace -r /path/to/volume -y# Format a disk with default settings (exFAT filesystem)
python dwipe.py format -d /dev/diskX
# Specify filesystem type
python dwipe.py format -d /dev/diskX -f ntfs
# Specify volume label
python dwipe.py format -d /dev/diskX -l "MyDrive"-h,--help: Show help message and exit
-r,--root: Root path to wipe (default: interactive selection)-p,--passes: Number of overwrite passes (default: 3)-b,--block: Block size in bytes (default: 1048576)-v,--verify: Verify wiped space after each pass-t,--pattern: Data pattern to use (choices: all, zeroes, ones, random, dicks, haha; default: all)-y,--yes: Skip confirmation prompt-i,--interactive: Force interactive drive selection
-d,--disk: Disk device to format (e.g., /dev/disk2, /dev/sda)-f,--filesystem: Filesystem to use (choices: exfat, fat32, ntfs, apfs, hfs+, ext4, ext3, ext2, vfat; availability depends on OS)-l,--label: Volume label for the formatted disk-y,--yes: Skip confirmation prompt (DANGEROUS)
- Works with APFS, HFS+, ExFAT, FAT32, and NTFS volumes
- Handles special cases with read-only system volumes
- Uses
diskutilcommands for improved disk operations
- Supports ext2/3/4, FAT32, ExFAT, and NTFS filesystems
- Uses native Linux disk utilities for formatting
- Works with NTFS, FAT32, and ExFAT volumes
- Uses PowerShell and
diskpartcommands for disk operations
- Creates a temporary file on the target volume
- Continuously writes data to the file until the disk is full
- Different patterns are used based on the selected wiping mode
- The file is securely deleted after each pass
- Process repeats for each pass
- Initial format to create a clean filesystem
- Free space wiping with multiple passes
- Final format to complete the sanitization process
DWipe offers multiple data patterns for secure wiping through the -t parameter:
The default wiping method uses a sequence of different patterns across multiple passes:
- First pass: Random data (cryptographically secure random bytes)
- Second pass: All zeros (0x00 bytes)
- Third pass: All ones (0xFF bytes)
- Subsequent passes: Cycles through random, zeros, and ones
This multi-pattern approach provides high security for data sanitization.
Fills the free space with all zeros (0x00 bytes). This basic pattern overwrites data with null bytes, which is fast but less secure than other patterns when used alone.
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Fills the free space with all ones (0xFF bytes). This creates a pattern of all bits set to 1, which is useful as part of a multi-pass approach.
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
Fills the free space with cryptographically secure random data using Python's os.urandom(). This is considered highly secure as it introduces true randomness that makes data recovery more difficult.
The random pattern produces different values on each execution:
A3 F5 9C 23 7D E8 B2 5F 01 C6 ... (random bytes)
A novelty pattern that repeats the ASCII characters "3===D" throughout the free space. This is primarily for humor and not recommended for serious security applications.
33 3D 3D 3D 44 33 3D 3D 3D 44 33 3D 3D 3D 44 ...
Another novelty pattern that repeats the ASCII characters "haha-" throughout the free space. Like the "dicks" pattern, this is included for fun rather than security.
68 61 68 61 2D 68 61 68 61 2D 68 61 68 61 2D ...
For maximum security, use the default all pattern with at least 3 passes. The US Department of Defense previously recommended multiple passes with different patterns to ensure data cannot be recovered using specialized equipment.
DWipe implements comprehensive security measures to ensure the most thorough data sanitization possible:
Hidden Area Handling
-
HPA (Host Protected Area)
- Automatically detects and removes HPA
- Exposes full drive capacity
- Wipes previously hidden sectors
- Prevents HPA restoration
-
DCO (Device Configuration Overlay)
- Removes DCO restrictions
- Accesses manufacturer-hidden areas
- Ensures complete drive access
- Prevents DCO restoration
-
SMART Data
- Clears SMART logs and attributes
- Removes historical drive data
- Eliminates diagnostic information
- Wipes performance records
-
Cache and Buffer
- Flushes drive cache
- Clears drive buffer
- Disables write cache during operation
- Forces cache synchronization
-
Sector Management
- Handles remapped sectors
- Processes reallocated areas
- Manages Growth Defect List (G-List)
- Handles Primary Defect List (P-List)
-
Enhanced Security
- Uses ATA Enhanced Secure Erase when available
- Accesses firmware-level secure operations
- Handles vendor-specific reserved areas
- Ensures complete drive sanitization
All security operations are implemented using standard drive commands that:
- Are part of ATA/SCSI specifications
- Use manufacturer-approved operations
- Don't exceed drive specifications
- Skip unsupported features safely
- Preserve drive health and longevity
These features are automatically applied during disk formatting operations, requiring no additional user configuration while ensuring maximum security.
While DWipe implements the classic multi-pass wiping approach, it's worth noting that current data sanitization standards have evolved:
-
Historical DoD Standard: The Department of Defense 5220.22-M standard was often cited as requiring multiple overwrite passes (3 or 7 passes). This standard became widely referenced in data security.
-
Current NIST Guidance: The National Institute of Standards and Technology (NIST) Special Publication 800-88 ("Guidelines for Media Sanitization") has superseded the old DoD standards. For modern storage devices, NIST generally recognizes that a single overwrite pass is sufficient for conventional hard drives.
-
Modern Storage Considerations:
- For HDDs: Single-pass overwriting is generally effective due to high recording densities of modern drives
- For SSDs: Overwriting is less effective due to wear-leveling algorithms and block management. Secure erase commands or encryption-based sanitization are preferred
DWipe's multi-pass approach provides a thorough and conservative method that exceeds current minimum recommendations, giving users higher confidence that data cannot be recovered, especially on older storage media.
Standard overwriting techniques (including DWipe's multi-pass approach) have limitations when applied to Solid State Drives (SSDs) due to:
-
Wear-leveling technology: SSDs distribute writes across memory cells to extend drive life. When you "overwrite" data, the SSD controller may write to new cells and mark old cells for later reuse, leaving original data intact.
-
Over-provisioning: SSDs contain extra storage capacity not accessible to the operating system, which may contain remnants of sensitive data.
-
Block remapping: Bad blocks are remapped to spare areas, potentially leaving data in inaccessible areas.
For complete SSD sanitization, in order of effectiveness:
-
ATA/NVMe Secure Erase Commands: Uses manufacturer-implemented firmware commands to erase all flash memory cells.
- For SATA SSDs:
hdparm --security-erase(Linux) - For NVMe SSDs:
nvme formatornvme sanitize(most secure)
- For SATA SSDs:
-
Manufacturer Tools: Most SSD manufacturers provide secure erasure utilities designed for their specific hardware.
- Samsung Magician
- Western Digital Dashboard
- Crucial Storage Executive
- Intel Memory & Storage Tool
-
Encryption-Based Method:
- Enable full disk encryption before using the drive
- Fill the drive with data
- Securely erase the encryption keys (most operating systems provide this option)
-
Physical Destruction: For highest security, physical destruction remains the only absolutely certain method.
- Shredding
- Disintegration
- Pulverization
- High-temperature incineration
- "Permission denied" errors: Run the script with administrator/sudo privileges
- Path not writable: Use the
-iflag to force interactive drive selection - "Cannot determine mount point": Try specifying a different path with
-r - Disk not found: Ensure the disk identifier is correct
If you encounter issues not covered in this documentation, please file an issue in the GitHub repository with the following information:
- Operating system and version
- Full command you were trying to run
- Complete error message
- Any relevant system information
This project is licensed under the MIT License - see the LICENSE file for details.
- InfoSecREDD (Myself)
- Inspired by secure data wiping standards and best practices
- Thanks to all contributors and testers who have helped improve this tool
- "iamJakoby" for the idea on "ASCII Dicks" novelty write method
- BleachBit for being a inspiration
While DWipe implements secure wiping techniques, no software can guarantee 100% data destruction on all storage types. Modern SSDs, for example, use wear-leveling that may preserve some data blocks despite overwriting. For maximum security on highly sensitive data, physical destruction of media may be necessary.
The authors are not responsible for any data loss resulting from the use of this tool.