uac-2.0.0

@tclahr tclahr released this 25 Nov 11:34

Highlights

  • Faster collection engine.
  • Artifact collection is now based on YAML files.
  • Nine supported operating systems: android (via adb shell), aix, freebsd, linux, macos, netbsd, netscaler, openbsd and solaris.
  • New command line options.
  • New output and log file format.
  • Revamped uac.log file.
  • Command errors are now stored in individual .stderr files.
  • Acquires volatile memory from Linux systems using Microsoft's avml tool.

New Artifacts

New browser artifacts

  • Chromium based (Chrome, Edge, Opera, Brave...)
  • Firefox
  • Safari

New application artifacts

  • macOS dock
  • LibreOffice MRU
  • Microsoft Office MRU
  • WPS Office MRU

New system artifacts

  • macOS MRU
  • macOS autoruns
  • macOS quarantine events
  • macOS time machine information
  • macOS wifi information

New docker/containers artifacts

  • containerd config dump

New process artifacts

  • proctree -a
  • ps auxwwwf

New network artifacts

  • ss -tap
  • ss -tanp
  • ss -tlp
  • ss -tlnp

Please see the CHANGELOG.md file for more details.