Velociraptor Demo

You have probably seen Velociraptor mentioned in the Community before in the context of collecting state information from hosts, even collecting local email data.

I came across this presentation on the weekend from Eric Capuano of Recon InfoSec and thought I would share.

This is a good overview of live incident response against a compromised environment and shows off Velociraptor’s capabilities nicely. Check it out when you have some free time, even if you are more on the DF side of DFIR 👍🏻