This guide is for setting up Velociraptor in Kubernetes (AWS)

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

SPAm IP Tester: a CLI for those IP addresses that don't look friendly

A GitHub Action to setup Velociraptor

A simple template for Deno.

Velociraptor support for VSCode

Simple anydesk log collector written in VQL for velociraptorIR and is an edited version of the file collector artifact. This file was made while I worked for ESTIJABAH company

Scripts to for ready-to-use Velociraptor instance deployment in Azure

Custom Artifacts for Rapid7 Velociraptor Software

VTC - Velociraptor Timeline Creator

This project is a SIEM with SIRP and Threat Intel, all in one.

Custom velociraptor artifacts

A collection of basic DFIR tips, tricks and common places to hunt.

This tool monitors Velociraptor's syslog messages for specific actions performed by users within the Velociraptor DFIR platform. When certain patterns are detected, it sends detailed email notifications to designated recipients, providing enhanced visibility into user activities and potential security events.

A Velociraptor artifact for automated Thor YARA scanning

A deployment and testing platform for Velociraptor's client artifacts

A hands-on DFIR investigation using Velociraptor to contain a Mimikatz infection, collect forensic artifacts, and perform network-wide threat hunting.

A DFIR lab demonstrating rapid forensic triage and artifact collection using Velociraptor and KAPE in response to a Mimikatz alert.