UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts. It respects the order of volatility and artifacts that are changed during the execution. It was created to facilitate and speed up data collection, and depend less on remote support during …
Tag Archives: Artifacts
Usbrip : Simple CLI Forensics Tool For Tracking USB Device Artifacts
Usbrip (derived from “USB Ripper”, not “USB R.I.P.” astonished) is an open source forensics tool with CLI interface that lets you keep track of USB device artifacts (aka USB event history, “Connected” and “Disconnected” events) on Linux machines. It is a small piece of software written in pure Python 3 (using some external modules though, …
Continue reading “Usbrip : Simple CLI Forensics Tool For Tracking USB Device Artifacts”