8 min
Velociraptor
Finding the LNK: Techniques and methodology for advanced analysis with Velociraptor
In this post, we explore the structure of LNK files using Velociraptor, our open-source digital forensics and incident response (DFIR) tool.
2 min
Velociraptor
Enhancing Velociraptor with the Cado Security Platform
Velociraptor is a robust open-source tool designed for collecting and querying forensic and incident response artifacts across various endpoints. This powerful tool allows incident responders to effortlessly gather data from remote systems, regardless of their location.
11 min
Velociraptor
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More
Rapid7 is very excited to announce that version 0.7.2 of Velociraptor is now fully available for download. In this post we’ll discuss some of the interesting new features.
7 min
Velociraptor
How To Hunt For UEFI Malware Using Velociraptor
UEFI threats have historically been limited in number and mostly implemented by nation state actors as stealthy persistence. However, the recent proliferation of Black Lotus on the dark web, Trickbot enumeration module (late 2022), and Glupteba (November 2023) indicates that this historical trend may be changing. With this context, it is becoming important for security practitioners to understand visibility and collection capabilities for UEFI threats
10 min
Velociraptor
Velociraptor 0.7.1 Release
Rapid7 is excited to announce that version 0.7.1 of Velociraptor is live and available for download. There are several new features and capabilities that add to the power and efficiency of this open-source digital forensic and incident response (DFIR) platform.
1 min
Velociraptor
CVE-2023-5950 Rapid7 Velociraptor Reflected XSS
This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross-site scripting vulnerability.
8 min
Research
Little Crumbs Can Lead To Giants
This blog offers a deep dive into the world of Shell Link files (LNK) and Virtual Hard Disk files (VHD).
4 min
Detection and Response
What’s New in Rapid7 Detection & Response: Q3 2023 in Review
Rapid7 has updated its Detection and Response offerings with advanced DFIR capabilities, custom detection rules, log search features, and more.
5 min
Velociraptor
Velociraptor 0.7.0 Release: Dig Deeper With Enhanced Client Search, Server Improvements and Expanded VQL Library
Rapid7 is thrilled to announce version 0.7.0 of Velociraptor is now LIVE and available for download.
2 min
Velociraptor
Join us for VeloCON 2023: Digging Deeper Together!
Rapid7 is thrilled to announce that the 2nd annual VeloCON: Digging Deeper Together virtual summit will be held this September 13th at 9 am ET.
10 min
Velociraptor
Velociraptor 0.6.9 Release: Digging Even Deeper with SMB Support, Azure Storage and Lockdown Server Mode
Rapid7 is very excited to announce version 0.6.9 of Velociraptor is now LIVE and available for download.
2 min
DFIR
VeloCON 2023: Submissions Wanted!
Our 2nd annual VeloCON virtual summit will be held this September, and the call for presentations closes Monday, July 17, 2023.
9 min
DFIR
The Velociraptor 2023 Annual Community Survey
Rapid7's Velociraptor team distributed our first community survey in early 2023. Here's what we learned!
6 min
Velociraptor
Automating Qakbot Detection at Scale With Velociraptor
This blog offers a practical methodology to extract configuration data from recent Qakbot samples.
5 min
Open Source
Velociraptor Version 0.6.8 Available Now
Velociraptor update delivers new client-server communication protocol, VFS GUI, and performance upgrades