ENNAENNA

Velociraptor

Featured

馃敩 Digital ForensicsGo

Velociraptor is an endpoint visibility and collection tool designed for digital forensic investigations and incident response (DFIR). It allows security teams to hunt for artifacts across thousands of endpoints simultaneously, providing deep insights into system activities. Written in Go, Velociraptor is notable for its scalability and speed, enabling rapid response and comprehensive analysis in enterprise environments.

3.9kstars
609forks
70issues
Updated 17d ago
+I use this
馃惓 Docker Ready
View on GitHubOfficial Website

Tags

endpointhuntingdfirartifact-collectiondigital-forensicsendpoint-discoveryendpoint-protectionendpoint-securityforensics-investigationsincident-responseinventory-management

Details

Category
馃敩 Digital Forensics
Language
Go
Platforms
馃惂linux馃崕macos馃獰windows

Links

GitHub Repository

github.com/Velocidex/velociraptor

Official Website

docs.velociraptor.app

Releases

github.com/Velocidex/velociraptor/releases

Issues

github.com/Velocidex/velociraptor/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Used in 1 Workflow

馃毃

Incident Response Triage Workflow

Intermediate6 steps 路 1-4 hours (initial triage)

Community Reviews

Alternatives & Comparisons

YARA

C

Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.

Compare Velociraptor vs YARA

GRR Rapid Response

Python

Remote live forensics framework by Google. Deploy agents across thousands of endpoints for artifact collection and analysis.

Compare Velociraptor vs GRR Rapid Response

KAPE

C#

Kroll Artifact Parser and Extractor. Fast triage collection and parsing of forensic artifacts from Windows, macOS, and Linux.

Compare Velociraptor vs KAPE

osquery

C++

SQL-powered endpoint visibility. Query operating system state as a relational database for security monitoring and compliance.

Compare Velociraptor vs osquery

Wazuh

C/Python

Open-source SIEM and XDR platform. Endpoint detection, log analysis, vulnerability scanning, and compliance monitoring.

Compare Velociraptor vs Wazuh

usbrip

Python

Track USB device connection history and generate forensic artifacts on Linux.

Compare Velociraptor vs usbrip

More in Digital Forensics

Volatility 3

Python

Advanced memory forensics framework. Extracts artifacts from RAM dumps - processes, network connections, registry.

memoryram-dumpartifact-extraction

Autopsy

Java

Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.

disk-forensicsguitimeline

Ghidra

Java

NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.

reverse-engineeringdecompilerbinary-analysis

Binwalk

Python

Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.

firmwarebinaryextraction

YARA

C

Pattern matching swiss knife for malware researchers. Create rules to identify and classify malware samples.

malwarepattern-matchingrules

Plaso (log2timeline)

Python

Super timeline creation engine. Extracts timestamps from multiple forensic artifact sources into a single timeline.

timelinelog-analysisartifact