usbdeath is a small script inspired by usbkill, 'an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer'.

The main differences are:
- It is written in bash, making it easily auditable by individuals with basic programming skills.
- It is not a daemon but a rule file manipulation script, with all monitoring handled by the existing udev daemon.
- It utilizes more identification values for USB devices, such as name and serial number.

Config: You should modify options within the script, turning off safe (demo) mode and editing the trigger commands (the defaults are sync and poweroff).

Usage: usbdeath action

where action is:
- o, on: activate usbdeath
- x, off: temporarily deactivate usbdeath
- j, eject: add entry on eject event
- g, gen: generate or refresh whitelist udev rules file
- d, del: delete udev rules file
- t, trigger: trigger event on insertion or removal
- e, edit: edit udev rules file manually
- s, show: show current
ALTERNATIVES
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
DMG2IMG is a tool for converting Apple compressed dmg archives to standard image disk files with support for zlib, bzip2, and LZFSE compression.
A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.