creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-cloud-storage-forensic-acquisition/references/workflows.md
T

824 B
Raw Blame History

Workflows - Cloud Storage Forensic Acquisition

Workflow 1: API-Based Remote Acquisition

Obtain legal authorization and credentials
    |
Authenticate via service API (OAuth2 / app credentials)
    |
Enumerate all files including shared and trashed items
    |
Download file contents preserving metadata
    |
Collect revision history and activity logs
    |
Hash all acquired files (SHA-256)
    |
Generate acquisition log with timestamps

Workflow 2: Endpoint Artifact Collection

Identify cloud sync client installations
    |
Collect local sync databases (KAPE cloud targets)
    |
Parse sync engine databases (OneDrive, GDrive, Dropbox)
    |
Identify cloud-only files from metadata
    |
Recover cached and deleted files from local storage
    |
Correlate local artifacts with API-acquired data
Reference in New Issue View Git Blame Copy Permalink