usbdeath

Free

usbdeath is a small script inspired by usbkill, 'an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer'. The main differences are:

- It is written in bash, making it easily auditable by individuals with basic programming skills.
- It is not a daemon but a rule file manipulation script, with all monitoring handled by the existing udev daemon.
- It utilizes more identification values for USB devices, such as name and serial number.

Config: You should modify options within the script, turning off safe (demo) mode and editing trigger commands (the defaults are sync and poweroff).

Usage: usbdeath action

where action is:

- o, on: activate usbdeath
- x, off: temporarily deactivate usbdeath
- j, eject: add entry on eject event
- g, gen: generate or refresh whitelist udev rules file
- d, del: delete udev rules file
- t, trigger: trigger event on insertion or removal
- e, edit: edit udev rules file manually
- s, show: show current

FEATURES

ALTERNATIVES

A collection of tools for extracting and analyzing information from .git repositories

A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.

Web interface for the Volatility Memory Forensics Framework

RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.

A software that collects forensic artifacts on systems for forensic investigations.

A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.

A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.

Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.