all InfoSec news
DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts
Help Net Security www.helpnetsecurity.com
DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged in a threat-hunting activity for a client to detect the misuse of file-syncing applications within their network, I identified the unauthorized use of Google Drive File Stream. Despite the noteworthy collaborative capabilities offered by such tools, they pose a … More
The post …
artifacts build client cloud security computer forensics detect disk don't miss drive file files filesystem forensic forensic artifacts github google google drive hunting investigation open source software stream structure threat tool