Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints.
Velociraptor’s power and flexibility comes from the Velociraptor Query Language (VQL). VQL is a framework for creating highly customized artifacts, which allow you to collect, query, and monitor almost any aspect of an endpoint, groups of endpoints, or an entire network. It can also be used to create continuous monitoring rules on the endpoint, as well as automate tasks on the server.
This is free and open source software.
Key Features
- Reconstruct attacker activities through digital forensic analysis.
- Hunt for evidence of sophisticated adversaries.
- Investigate malware outbreaks and other suspicious network activities.
- Monitory continuously for suspicious user activities, such as files copied to USB devices.
- Discover whether disclosure of confidential information occurred outside the network.
- Gather endpoint data over time for use in threat hunting and future investigations.
Website: docs.velociraptor.app
Support: GitHub Code Repository
Developer: Velocidex
License: GNU Affero General Public License v3.0
Velociraptor is written in Go. Learn Go with our recommended free books and free tutorials.
Related Software
| Incident Response | |
|---|---|
| GRR | Remote live forensics for incident response |
| GoAlert | On-call scheduling, automated escalations and notifications |
| Alertmanager | Handles alerts sent by client applications such as the Prometheus server |
| Velociraptor | Endpoint visibility and collection tool |
| FIR | Cybersecurity incident management platform |
| Dispatch | Manage security incidents by deeply integrating with existing tools |
| Cabot | Monitoring and alerts service |
| Iris | Automated incident paging system at LinkedIn |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Know a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |