This repository contains some tools to be used by forensics teams to collect evidence from cloud platforms. Currently, Google Cloud Platform, Microsoft Azure, and Amazon Web Services are supported.
It consists of one module called
libcloudforensics which implements functions
that can be desirable in the context of incident response in a cloud
environment, as well as a CLI wrapper tool for these functions.
Documentation can be found on the ReadTheDocs page.