An experimental Velociraptor implementation using cloud infrastructure
☆26Dec 2, 2025Updated 3 months ago
Alternatives and similar repositories for cloudvelo
Users that are interested in cloudvelo are comparing it to the libraries listed below
Sorting:
- Thor Artifacts for Velociraptor☆19Dec 2, 2025Updated 3 months ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- ☆12Aug 27, 2025Updated 6 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Indicators of compromise☆17Jan 29, 2026Updated last month
- CLI generator for Velociraptor offline collector☆16Mar 6, 2026Updated 2 weeks ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- ☆11Apr 2, 2022Updated 3 years ago
- Hunt the windows Registry automatically using VQL☆14Jan 6, 2026Updated 2 months ago
- Repo to hold mcp server for velociraptor☆32Jul 27, 2025Updated 7 months ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- ☆54May 14, 2024Updated last year
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- GUI for regripper☆11Mar 19, 2019Updated 7 years ago
- KQL Sentinel and Defender Detection and Hunting Queries.☆16Feb 24, 2026Updated 3 weeks ago
- ☆18Sep 13, 2021Updated 4 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆18Jun 24, 2020Updated 5 years ago
- A repository to share publicly available Velociraptor detection content☆196Updated this week
- ☆12Jul 14, 2025Updated 8 months ago
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 10 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆43Sep 21, 2023Updated 2 years ago
- ☆13Jun 26, 2023Updated 2 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆114Sep 14, 2022Updated 3 years ago
- NRefactory - Refactoring Your C# Code☆15Jun 22, 2024Updated last year
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆73Aug 20, 2025Updated 7 months ago
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆81Feb 10, 2026Updated last month
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆215Updated this week
- ☆14Oct 24, 2024Updated last year
- Artifact collection tool for *nix systems☆213Mar 20, 2024Updated 2 years ago
- ☆24Mar 12, 2025Updated last year
- Thanks to @d35ha☆13Aug 16, 2021Updated 4 years ago
- A tool for fetching DFIR and other GitHub tools.☆26Aug 2, 2025Updated 7 months ago
- DFIQ is a collection of investigative questions and the approaches for answering them☆301Mar 10, 2026Updated last week
- Open source endpoint agent providing host information to Zeek. [v2]☆90Mar 2, 2026Updated 2 weeks ago
- Easy discovery of assets☆13Jun 22, 2022Updated 3 years ago