Unix-like Artifacts Collector UAC Logo

Unix-like Artifacts Collector UAC

0
Free
Updated 11 March 2025
Visit Website

Unix-like Artifacts Collector UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts. It was created to facilitate and speed up data collection, and depend less on remote support during incident response engagements. Documentation • Main Features • Supported Operating Systems • Using UAC • Contributing • Support • License 📘 Documentation Project documentation page: https://tclahr.github.io/uac-docs 🌟 Main Features Run everywhere with no dependencies (no installation required). Customizable and extensible collections and artifacts. Respect the order of volatility during artifact collection. Collect information from processes running without a binary on disk. Hash running processes and executable files. Extract information from files and directories to create a bodyfile (including enhanced file attributes for ext4). Collect user and system configuration files and logs. Collect artifacts from applications. Acquire volatile memory from Linux systems using different methods and tools. 💾 Supported Operating Systems AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.

FEATURES

SIMILAR TOOLS

A DevSecOps command line asset inventory tool

Open-source abuse management toolkit for automating and improving the abuse handling process.

Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.

A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.

A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.

A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.

A comprehensive auditd configuration for Linux systems following best practices.

A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.

Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved