Velociraptor
In this room, we will explore Rapid7's newly acquired tool known as Velociraptor.
Per the official Velociraptor documentation, "Velociraptor is a unique, advanced open-source endpoint monitoring, digital forensic and cyber response platform. It was developed by Digital Forensic and Incident Response (DFIR) professionals who needed a powerful and efficient way to hunt for specific artifacts and monitor activities across fleets of endpoints. Velociraptor provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches".
This tool was created by Mike Cohen, a former Google employee who worked on tools such as GRR (GRR Rapid Response) and Rekall (Rekall Memory Forensic Framework). Mike joined Rapid7's Detection and Response Team and continues to work on improving Velociraptor. At the date of this entry, the latest release for Velociraptor is 0.6.3.
Learning Objectives
- Learn what Velociraptor is
- Learn how to interact with agents and create collections
- Learn how to interact with the virtual
- Learn what VQL is and how to create basic queries
- Use Velociraptor to perform a basic hunt
Prerequisites
