← All tools

DriveFS-Sleuth

https://pypi.org/project/drivefs-sleuth/

Free

Categories

Forensics

Description

DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based on research that has been performed by mounting different scenarios and noting down the changes in the Google Drive File Stream disk artifacts.

Keywords

drive-file-stream exfiltration forensics google-drive unauthorized-application python

Screenshots

Example Usage

python3 drivefs_sleuth.py C:\triage_path\DriveFS --html -o C:\analysis_results

See also

Binwalk

Open Source Kali

Firmware analysis tool for searching, extracting, and analyzing binary images. Identifies embedded f…

goodboy-framework

Open Source

15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detect…

pe-sieve

Open Source

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/in…

apiosintDS

Open Source

On demand query API for https://github.com/davidonzo/Threat-Intel project.…

volatility3

Free

Volatility is the world's most widely used framework for extracting digital artifacts from volatile …

The-Awesome-And-Dangerous-collection

Free

A high-risk archive of historical malware, exploit kits, crypters, and webshells for educational and…