Which cloud services are supported by this skill?

The skill supports forensic acquisition from Google Drive, OneDrive (Microsoft 365), Dropbox, and Box.

Does this skill collect data from the cloud or local devices?

It does both. It utilizes service-specific APIs for remote data collection and analyzes local endpoint artifacts like sync client databases and caches.

Is forensic integrity maintained during the process?

Yes, the skill includes methods for generating detailed acquisition logs and preserving critical metadata to support chain of custody requirements.

What tools are required to use this skill?

You will need Python 3.8+, relevant API credentials/tokens, and optionally forensic tools like KAPE or Magnet AXIOM for specialized artifact parsing.

Cloud Storage Forensic Acquisition

Name: Cloud Storage Forensic Acquisition
Author: mukul975

bymukul975

•

4,121

•

安全与测试

Facilitates the forensic collection and analysis of digital evidence from major cloud storage providers and local sync clients.

This skill enables professional-grade digital forensic acquisitions from cloud storage services including Google Drive, OneDrive, Dropbox, and Box. It bridges the gap between remote API-based data collection and local endpoint artifact analysis, allowing investigators to capture metadata, file histories, trashed items, and synchronized local databases. By combining remote API calls with deep analysis of local sync client artifacts, it provides a comprehensive view of a user's cloud activity, ensuring no evidence is missed due to cloud-only or cached file states.

主要功能

01API-based remote acquisition for Google Drive and OneDrive/Microsoft 365

02Generation of forensic acquisition logs for chain of custody documentation

034,121 GitHub stars

04Automated extraction of file metadata from SQLite synchronization databases

05Recovery of deleted/trashed items and historical file revisions

06Local sync client artifact collection for Windows endpoint devices

使用场景

01Auditing cloud storage synchronization states and local cached data on employee workstations

02Conducting incident response investigations involving suspected data exfiltration via cloud drives

03Performing legal discovery and forensic imaging of corporate cloud storage accounts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-cloud-storage-forensic-acquisition

For use in Claude.ai and ChatGPT

主要功能

01API-based remote acquisition for Google Drive and OneDrive/Microsoft 365

02Generation of forensic acquisition logs for chain of custody documentation

034,121 GitHub stars

04Automated extraction of file metadata from SQLite synchronization databases

05Recovery of deleted/trashed items and historical file revisions

06Local sync client artifact collection for Windows endpoint devices

使用场景

01Auditing cloud storage synchronization states and local cached data on employee workstations

02Conducting incident response investigations involving suspected data exfiltration via cloud drives

03Performing legal discovery and forensic imaging of corporate cloud storage accounts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-cloud-storage-forensic-acquisition

For use in Claude.ai and ChatGPT