Adrift in the Cloud: A Forensic Dive into Container Drift
Common Information
Type Value
UUID b9fbb30e-d067-4ec1-be12-da673d52a988
Fingerprint 1d02d3141be50d2b
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 13, 2024, 3:50 p.m.
Added to db Dec. 13, 2024, 5:14 p.m.
Last updated Dec. 23, 2024, 3:25 a.m.
Headline Adrift in the Cloud: A Forensic Dive into Container Drift
Title Adrift in the Cloud: A Forensic Dive into Container Drift
Detected Hints/Tags/Attributes 34/1/33
RSS Feed
Id Enabled Feed title Url Added to db
158 Malware Analysis, News and Indicators - Latest topics https://malware.news/latest.rss 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 7 k8s.io
Domain 1 l33t.sh
Domain 22 docs.docker.com
Domain 4694 github.com
Domain 5 dissect.target
Domain 2 docker.py
Domain 29 sysdig.com
Domain 1 www.didactic-security.com
Domain 1 povilasv.me
Domain 87 kubernetes.io
File 1 meta.db
File 2 metadata.db
File 21 docs.doc
File 5 dissect.tar
File 2 docker.py
File 1 docker-forensics.pdf
Github username 2 docker-forensics-toolkit
Github username 8 fox-it
Github username 39 google
Github username 1 keikoproj
sha256 1 7ee0c6c2ac27dcf810737b6426611e42bd91d963edcad5aa3fd12db20d898f42
Url 1 https://docs.docker.com/engine/storage/drivers/select-storage-driver
Url 1 https://github.com/docker-forensics-toolkit/toolkit
Url 1 https://github.com/fox-it/dissect.target/blob/main/dissect/target/plugins/apps/container/docker.py
Url 1 https://github.com/google/docker-explorer
Url 1 https://github.com/keikoproj/kube-forensics
Url 1 https://github.com/google/container-explorer
Url 1 https://sysdig.com/blog/guide-kubernetes-forensics-dfir
Url 1 https://www.didactic-security.com/resources/docker-forensics.pdf
Url 1 https://docs.docker.com/engine/storage/drivers/overlayfs-driver/#deleting
Url 1 https://povilasv.me/how-to-monitor-containerd
Url 3 https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha
Url 1 https://kubernetes.io/blog/2023/03/10/forensic-container-analysis/#file