usbdeath
usbdeath is a small script inspired by usbkill, 'an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer'. The main differences are: - It is written in bash, making it easily auditable by individuals with basic programming skills. - It is not a daemon but a rule file manipulation script, with all monitoring handled by the existing udev daemon. - It utilizes more identification values for USB devices, such as name and serial number. Config: You should modify options within the script, turning off safe (demo) mode and editing trigger commands (default are sync and poweroff). Usage: usbdeath action where action is: - o, on: activate usbdeath - x, off: temporarily deactivate usbdeath - j, eject: add entry on eject event - g, gen: generate or refresh whitelist udev rules file - d, del: delete udev rules file - t, trigger: trigger event on insertion or removal - e, edit: edit udev rules file manually - s, show: show current
FEATURES
ALTERNATIVES
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
Digital investigation tool for extracting forensic data from computers and managing investigations.
A tool with advanced filtering capabilities for analyzing events based on time, path, weekday, and date.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.
DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.
A powerful OSINT tool for creating custom templates for data extraction and analysis
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.