Unix-like Artifacts Collector UAC

Unix-like Artifacts Collector (UAC): A Live Response Collection Script

The Unix-like Artifacts Collector (UAC) is a Live Response collection script designed for Incident Response. It utilizes native binaries and tools to automate the gathering of artifacts from various systems, including AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris.

Facilitating and Accelerating Data Collection

It was created to facilitate and accelerate data collection, while reducing reliance on remote support during incident response engagements.

Documentation

Project documentation page: https://tclahr.github.io/uac-docs

Main Features

- Run everywhere without any dependencies (no installation required).
- Customizable and extendable collections and artifacts.
- Maintain the order of volatility during artifact collection.
- Gather information from processes that are running without a binary present on disk.
- Hash both running processes and executable files.
- Extract details from files and directories to create a bodyfile (including enhanced file attributes for ext4).
- Collect user and system configuration files along with logs.
- Retrieve artifacts from applications.
- Acquire volatile memory from Linux systems using various methods and tools.

Supported Operating Systems

AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD, and Solaris.