CloudStorage_All

CompoundCompoundv1.4

Author: Chad Tilbury and Andrew Rathbun

description

Cloud Storage Contents and Metadata

includes (14)

BoxDrive_UserFiles 2 paths →

Dropbox_UserFiles 1 paths →

GoogleDriveBackupSync_UserFiles 1 paths →

OneDrive_UserFiles 1 paths →

pCloudDatabase 3 paths →

SugarSync 3 paths →

CloudStorage_Metadata

Idrive 14 paths →

paths

39 pathsfrom 14 targets

› paths use Windows environment syntax

collection commands

source:

destination:

# PowerShell Collection Script
# Target: CloudStorage_All (Compound Target)
# Use KAPE for compound target collection:
# kape.exe --tsource C: --tdest D:\Evidence --target CloudStorage_All

Write-Host "For compound targets, use KAPE directly for best results." -ForegroundColor Yellow

› Save as .ps1 and run as Administrator. Use: powershell -ExecutionPolicy Bypass -File script.ps1

Note: This is a compound target that references 8 other targets. KAPE will automatically collect all referenced artifacts.

references

For those looking to contribute to this list, check here for ideas: https://en.wikipedia.org/wiki/Comparison_of_online_backup_services.

Install one of the applications not covered above and find where useful information is stored. If useful information can be located, make an individual Target for it and place in the appropriate folder. Then, include that Target in the appropriate Compound Target.