Python library to carry out DFIR analysis on the Cloud
This repository contains some tools to be used by forensics teams to collect evidence from cloud platforms. Currently, Google Cloud Platform, Microsoft Azure, and Amazon Web Services are supported.
It consists of one module called
libcloudforensicswhich implements functions that can be desirable in the context of incident response in a cloud environment, as well as a CLI wrapper tool for these functions.
Documentation can be found on the ReadTheDocs page.