This is an open source project devoted to the learning and communication of forensic tools and practices in the cloud. My intention is to provide resources that cover all of the common Cloud Service Providers.
It is definitely a work-in-progress. That said, we are pleased to offer a few resources:
- Directions on how to create a SIFT Workstation Amazon Machine Image - Have you been trying to figure out how to get the SIFT CLI Installer to exit cleanly without errors when installing to an Ubuntu EC2 Instance? If so, check out my alternate method.
- WORKSHOP - Step by Step Walkthrough of Forensic Analysis of Amazon Linux on EC2 for Incident Responders - This is a step-by-step walkthrough of techniques that can be used to perform forensics on Amazon Linux Instances running in AWS Elastic Compute Cloud (EC2). We use various open-source tools and perform the analysis itself in the cloud. Try the workshop.
Check back for updates.