← All tools

DriveFS-Sleuth

https://pypi.org/project/drivefs-sleuth/

Free

Categories

Forensics

Description

DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based on research that has been performed by mounting different scenarios and noting down the changes in the Google Drive File Stream disk artifacts.

Keywords

drive-file-stream exfiltration forensics google-drive unauthorized-application python

Screenshots

Example Usage

python3 drivefs_sleuth.py C:\triage_path\DriveFS --html -o C:\analysis_results