usbdeath is a bash-based anti-forensic script that monitors USB port changes and executes shutdown commands when unauthorized USB devices are detected. The tool operates as a rule file manipulation script that integrates with the existing udev daemon for monitoring, rather than running as a separate daemon process. It provides enhanced device identification by utilizing multiple USB device attributes including device name and serial number, offering more granular control compared to similar tools. Key features include: - Bash implementation for easy code auditing and modification - Integration with udev daemon for USB port monitoring - Configurable trigger commands (default: sync and poweroff) - Whitelist generation and management for authorized USB devices - Multiple operational modes including activation, deactivation, and manual rule editing - Support for both insertion and removal event triggers The script includes a safe demo mode for testing purposes and allows users to customize trigger commands according to their security requirements. It generates udev rules files to handle USB device events and provides commands for managing these rules through a simple command-line interface.