usbkill is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your Computer.
sudo python usbkill.pyor
sudo python3 usbkill.py
Here are some reasons to use this tool:
- In case the police or other thugs come busting in (or steal your laptop from you when you are at a public library, as happened to Ross). The police commonly use a « mouse jiggler » to keep the screensaver and sleep mode from activating.
- You don’t want someone to add or copy documents to or from your computer via USB.
- You want to improve the security of your (encrypted) home or corporate server (e.g. Your Raspberry).
Important: Make sure to use disk encryption for all folders that contain information you want to be private. Otherwise, they will get it anyway. Full disk encryption is the easiest and surest option if available.
Tip: Additionally, you may use a cord to attach a USB key to your wrist. Then insert the key into your computer and start usbkill. If they steal your computer, the USB will be removed and the computer shuts down immediately.
- Compatible with Linux, *BSD and OS X.
- Shutdown the computer when there is USB activity.
- Customizable. Define which commands should be executed just before shut down.
- Ability to whitelist a USB device.
- Ability to change the check interval (default: 250ms).
- Ability to melt the program on shut down.
- RAM and swap wiping.
- Works with sleep mode (OS X).
- No dependency except secure-delete iff you want usbkill to delete files/folders for you or if you want to wipe RAM or swap. sudo apt-get install secure-delete
- Sensible Defaults.
Supported command line arguments (partially for devs):
- -h or --help: show help message, exit.
- --version: show version of the program, exit.
- --no-shut-down: if a malicious change on the USB ports is detected, execute all the (destructive) commands you defined in settings.ini, but don’t turn off the computer.
- --cs: Copy program folder settings.ini to /etc/usbkill/settings.ini
You might also like:
- dSploit - Android App For Hackers
- CrowdInspect - Host-based Process Inspection Tool
- Parsero - Robots.txt Audit Tool
- MobiSec - Mobile Penetration Testing Distribution
- EyeWitness - A Rapid Web Application Triage Tool
- WIG - Web Application Information Gathering Tool
- Skipfish - Web Application Security Scanner
- Blackhash - Audit Passwords Without Hashes
- peepdf - PDF Analysis Tool
- MITMer - Automated Man-In-The-Middle Attack Tool
- Nagios XI - Enterprise Server and Network Monitoring Software
- URLCrazy - Domain Name Typo Tool
- Responder - An LLMNR, NBT-NS, and mDNS Poisoner
- Ncrack - High-Speed Network Authentication Cracker
- Maltrieve - Tool To Retrieve Malware Directly From the Source
- Burp CO2 - A Collection Of Enhancements for Burp Suite
- Dumb0 - Simple Script To Harvest Usernames From Popular Forums and CMS
- ParameterFuzz - Web Application Security Scanner
- WAF-FLE - An Open-source ModSecurity Console
- DVIA - Damn Vulnerable iOS Application
- Havij - Automated SQL Injection Tool
- FGscanner - An Open-source URL Scanner