Paco

Personal Content Organiser

Securely erase hard drive

Step 1


hdparm secure erase

Warning

Do not attempt to issue a Secure Erase ATA command on a device connected through USB; see Linux ATA wiki and http://www.tomshardware.co.uk/answers/id-1984547/secure-erase-external-usb-hard-drive.html for details.


hdparm supports ATA Secure Erase, which is functionally equivalent to zero-filling a disk. It is, however, handled by the hard-drive firmware itself and includes "hidden data areas". As such, it can be seen as a modern-day "low-level format" command. SSDs reportedly achieve factory performance after issuing this command, but may not be sufficiently wiped.

Some drives support Enhanced Secure Erase, which uses distinct patterns defined by the manufacturer. If the output of hdparm -I for the device shows that the Enhanced erase takes many times less time than the normal erase, the device probably has a hardware encryption feature and the wipe will be applied to the encryption keys only.

For detailed instructions on using ATA Secure Erase, see the Linux ATA wiki.

https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
or
https://tinyapps.org/docs/wipe_drives_hdparm.html
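
The checks from Step 1 can be scripted. This is an added example (not from the original page or the hdparm project) that parses the Security section of hdparm -I output, stops if the feature set is unsupported or the drive is frozen, and compares the two erase time estimates. The sample text is constructed, and reading "many times less" as a 10x gap is an assumption.

```bash
#!/bin/sh
# Added example (not from the original page). SAMPLE is constructed text in the
# layout of the "Security:" section printed by `hdparm -I`.
SAMPLE='Security:
        Master password revision code = 65534
                supported
        not     enabled
        not     locked
        not     frozen
        not     expired: security count
                supported: enhanced erase
        152min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct'

# Keep only the indented lines that follow the "Security:" header.
security_section() {
  awk '/^Security:/ { on = 1; next } on && /^[^ \t]/ { on = 0 } on'
}

# flag_state NAME -> yes (line is NAME), no (line is "not NAME"), or absent.
flag_state() {
  awk -v name="$1" '{ $1 = $1 }   # collapse runs of whitespace
    $0 == name        { print "yes"; hit = 1; exit }
    $0 == "not " name { print "no";  hit = 1; exit }
    END { if (!hit) print "absent" }'
}

# erase_minutes SECURITY|ENHANCED -> the firmware's time estimate in minutes.
erase_minutes() {
  awk -v want="$1" '{ for (i = 1; i + 2 <= NF; i++)
    if ($i ~ /^[0-9]+min$/ && $(i + 2) == want) { sub(/min$/, "", $i); print $i; exit } }'
}

# preflight: reads `hdparm -I` text on stdin and prints a one-line verdict.
preflight() {
  pf_sec=$(security_section)
  pf_get() { printf '%s\n' "$pf_sec" | "$@"; }
  [ "$(pf_get flag_state supported)" = yes ] || { echo "blocked security-not-supported"; return 0; }
  # A frozen drive rejects the security erase commands; a missing line is treated the same.
  [ "$(pf_get flag_state frozen)" = no ] || { echo "blocked frozen"; return 0; }
  pf_norm=$(pf_get erase_minutes SECURITY); pf_enh=$(pf_get erase_minutes ENHANCED)
  # Assumption: a "many times" advantage means enhanced is at least 10x faster.
  if [ "$(pf_get flag_state 'supported: enhanced erase')" = yes ] &&
     [ -n "$pf_norm" ] && [ -n "$pf_enh" ] && [ $((pf_enh * 10)) -le "$pf_norm" ]; then
    echo "ok enhanced-likely-key-erase normal=${pf_norm}min enhanced=${pf_enh}min"
  else
    echo "ok no-large-time-gap normal=${pf_norm}min enhanced=${pf_enh}min"
  fi
}

printf '%s\n' "$SAMPLE" | preflight   # real use: hdparm -I /dev/sdX | preflight
```

A verdict of enhanced-likely-key-erase means the Enhanced erase probably only discards the encryption keys, so follow it with the overwrite steps below if the platters or flash cells themselves must be rewritten.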


Step 2


dc3dd is a truly impressive tool: it can be used not only to image a drive but also to wipe it.

Below are the three available options for how the drive can be overwritten.

Overwrite using zeroes. This is the simplest way to wipe a drive:
dc3dd wipe=/dev/sdX log=FILE

Overwrite using a hex pattern:
dc3dd wipe=/dev/sdX pat=707de2543cfaef899ef07a18ce0 log=FILE

Overwrite using a text pattern:
dc3dd wipe=/dev/sdX tpat=HereGoesTheTextPattern log=FILE

Source:
https://linhost.info/2012/06/erase-a-drive-with-dc3dd/

e.g., using the SHA-512 hash of the current date as the hex pattern:
dc3dd wipe=/dev/sdX pat=`date | sha512sum | awk '{ print $1 }'` log=FILE


Step 3


Repeat step 2, overwriting with zeros or a hex pattern.

e.g.:
dd if=/dev/zero of=/dev/sdX bs=1M




Tip

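To fill the drive with pseudorandom data quickly, encrypt /dev/zero with AES-256-CTR under a throwaway random passphrase and write the output to the device:
openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero > /dev/sdX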