usbdeath

Free

usbdeath is a small script inspired by usbkill, 'an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer'. The main differences are:

- It is written in bash, making it easily auditable by individuals with basic programming skills.
- It is not a daemon but a rule file manipulation script, with all monitoring handled by the existing udev daemon.
- It utilizes more identification values for USB devices, such as name and serial number.

Config: You should modify options within the script, turning off safe (demo) mode and editing trigger commands (the defaults are sync and poweroff).

Usage: usbdeath action

where action is:

- o, on: activate usbdeath
- x, off: temporarily deactivate usbdeath
- j, eject: add entry on eject event
- g, gen: generate or refresh whitelist udev rules file
- d, del: delete udev rules file
- t, trigger: trigger event on insertion or removal
- e, edit: edit udev rules file manually
- s, show: show current

ALTERNATIVES

PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.

Dissect is a digital forensics & incident response framework that simplifies the analysis of forensic artefacts from various disk and file formats.

Online platform for image steganography analysis

A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.

Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.

A binary analysis platform for analyzing binary programs

AMExtractor is an Android Memory Extractor tool.