Velociraptor - Endpoint visibility and collection tool.

Velociraptor is a tool for collecting host based state information using Velocidex Query Language (VQL) queries.

Velociraptor is loosely based on Google's GRR technologies but is a re-implementation and redesign focusing on ease of use, scalability and flexibility.

To learn more about Velociraptor, read about it on our blog:

https://velociraptor-blog.velocidex.com

Quick start

Download the binary from the release page.
You need to generate a server config file. This will generate new key material:

$ velociraptor config generate > /etc/velociraptor.config.yaml


3. Edit the config file and update any settings.  
4. To be able to log into the GUI you will need to make a user account with password.  

    ```bash
     $ velociraptor --config /path/to/my/server.config.yaml user add my_user_name
    ```
    
5. Start the server:
    ```bash   
     $ velociraptor --config /path/to/my/server.config.yaml frontend
    ```
    
6. Point a browser at the GUI port that you set in the config
   file. You should be able to log in with the password set earlier.
7. Generate a client config (this is just the client part of the
   server config you made before - it contains no secrets and can be
   installed on clients.):

    ```bash   
     $ velociraptor --config /path/to/my/server.config.yaml config client > client.conf.yaml
    ```
    
8. Launch the client on any system with this client config file.

    ```bash   
    $ velociraptor --config client.conf.yaml client
    ```
   
9. You should be able to search for the client in the GUI, browse VFS,
   download files etc.

## Building from source.

To build from source, make sure you have a recent Golang installed then just:

1. Get the code:

```bash
   $ go get www.velocidex.com/golang/velociraptor
   $ cd $GO_PATH/go/src/www.velocidex.com/golang/velociraptor/
   $ dep ensure

   # This will build the GUI elements:
   $ cd gui/static/
   $ npm install
   $ gulp compile
   $ cd -

   # This builds a release (i.e. it will embed the GUI files in the
   # binary). If you dont care about the GUI a simple "make" will
   # build a bare binary.
   $ make release
   $ make windows

Getting help

Questions and feedback are welcome at velociraptor-discuss@googlegroups.com

File issues on https://gitlab.com/velocidex/velociraptor

Name		Name	Last commit message	Last commit date
Latest commit History 71 Commits
actions		actions
api		api
bin		bin
binary		binary
config		config
constants		constants
context		context
crypto		crypto
datastore		datastore
debian		debian
executor		executor
file_store		file_store
flows		flows
glob		glob
gui		gui
http_comms		http_comms
logging		logging
proto		proto
responder		responder
scripts		scripts
server		server
templates		templates
test_data		test_data
testing		testing
third_party/cache		third_party/cache
urns		urns
users		users
utils		utils
vql		vql
.gitignore		.gitignore
Gopkg.lock		Gopkg.lock
Gopkg.toml		Gopkg.toml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
docs.go		docs.go
make_proto.sh		make_proto.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Velociraptor - Endpoint visibility and collection tool.

Quick start

Getting help

About

Releases

Packages

Languages

License

jpalanco/velociraptor

Folders and files

Latest commit

History

Repository files navigation

Velociraptor - Endpoint visibility and collection tool.

Quick start

Getting help

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages