svch0stz/velociraptor-detections external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

svch0stz/velociraptor-detections

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/svch0stz/velociraptor-detections)

Close

svch0stz / velociraptor-detectionsView on GitHubMore

• External links
• Readme badge

☆22Jan 31, 2023Updated 3 years ago

Alternatives and similar repositories for velociraptor-detections

Users that are interested in velociraptor-detections are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ReconInfoSec / velociraptor-to-timesketch

  View on GitHub
  ☆14Oct 24, 2024Updated last year
• Velocidex / vfilter

  View on GitHub
  A library implementing a generic SQL like query language.
  ☆21Mar 25, 2026Updated 3 weeks ago
• mgreen27 / DetectRaptor

  View on GitHub
  A repository to share publicly available Velociraptor detection content
  ☆202Apr 12, 2026Updated last week
• Azure / forensics

  View on GitHub
  ☆12Mar 28, 2026Updated 3 weeks ago
• rj-chap / BaselineTraining

  View on GitHub
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆14Mar 4, 2019Updated 7 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• WesSec / VelociDeploy-o-Matic

  View on GitHub
  Scripts to for ready-to-use Velociraptor instance deployment in Azure
  ☆14Jun 27, 2023Updated 2 years ago
• Velocidex / registry_hunter

  View on GitHub
  Hunt the windows Registry automatically using VQL
  ☆15Jan 6, 2026Updated 3 months ago
• EricZimmerman / VSCMount

  View on GitHub
  Mount VSCs with ease!
  ☆18Jan 22, 2025Updated last year
• EricZimmerman / TLEFilePlugins

  View on GitHub
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆33May 5, 2025Updated 11 months ago
• mgreen27 / mcp-velociraptor

  View on GitHub
  VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.
  ☆75Aug 20, 2025Updated 7 months ago
• socfortress / velociraptor-mcp-server

  View on GitHub
  Repo to hold mcp server for velociraptor
  ☆36Jul 27, 2025Updated 8 months ago
• dfirvault / Thor-scanner-menu

  View on GitHub
  Menu for Thor scanner lite
  ☆20Oct 24, 2025Updated 5 months ago
• rj-chap / ransomware_tips

  View on GitHub
  Random tips and tricks RE: ransomware
  ☆14Aug 17, 2021Updated 4 years ago
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• mandiant / win10_auto

  View on GitHub
  ☆24Aug 30, 2019Updated 6 years ago
• SubashGhimire / Hunting-Queries-and-Detection-Rule-Microsoft-Sentinel-Defender

  View on GitHub
  KQL Sentinel and Defender Detection and Hunting Queries.
  ☆16Feb 24, 2026Updated last month
• ACE-Responder / ace-proctree

  View on GitHub
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Mar 1, 2023Updated 3 years ago
• secure-cake / rapid-endpoint-investigations

  View on GitHub
  Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE
  ☆191Apr 1, 2026Updated 2 weeks ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆37Jul 11, 2023Updated 2 years ago
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆39Jan 27, 2022Updated 4 years ago
• brokensound77 / toruk

  View on GitHub
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Jul 16, 2019Updated 6 years ago
• embee-research / CyberChef

  View on GitHub
  ☆16Mar 22, 2023Updated 3 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• mathis2001 / Cert4Recon

  View on GitHub
  Simple passive Python Recon tool for subdomains enumeration with crt.sh
  ☆25Jun 14, 2022Updated 3 years ago
• evild3ad / Get-MiniTimeline

  View on GitHub
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆33May 25, 2024Updated last year
• strozfriedberg / velociraptor-lateral-movement

  View on GitHub
  ☆12Aug 27, 2025Updated 7 months ago
• Sam0x90 / CB-Threat-Hunting

  View on GitHub
  CarbonBlack EDR detection rules and response actions
  ☆73Sep 10, 2024Updated last year
• svch0stz / TheThreatHuntLibrary

  View on GitHub
  Library of threat hunts to get any user started!
  ☆50Sep 4, 2020Updated 5 years ago
• magisterquis / lutlol

  View on GitHub
  Living Under the Land on Linux ~ Bsides Belfast/Vienna 2025
  ☆38Nov 22, 2025Updated 4 months ago
• Purp1eW0lf / quickforensics

  View on GitHub
  ☆33Dec 4, 2022Updated 3 years ago
• 100DaysofYARA / 2025

  View on GitHub
  Rules shared by the community from 100 Days of YARA 2025
  ☆38Jan 2, 2026Updated 3 months ago
• Velocidex / eql2vql

  View on GitHub
  Transform EQL detection rules to VQL artifacts
  ☆12Nov 12, 2021Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• AhmadMavali / wazuh_misp_integration

  View on GitHub
  ☆15Dec 6, 2023Updated 2 years ago
• zbalkan / rulevis

  View on GitHub
  RuleVis is a powerful analysis tool that transforms your Wazuh ruleset into a dynamic, interactive force-directed graph. It helps you vis…
  ☆25Nov 12, 2025Updated 5 months ago
• Recruit-CSIRT / macApfsMounter

  View on GitHub
  A small tool to easily mount APFS image on macOS for forensics.
  ☆16Jul 30, 2020Updated 5 years ago
• tomwechsler / Microsoft_365_Enterprise_Mobility_Security

  View on GitHub
  All about Microsoft 365 Enterprise Mobility + Security (EMS)
  ☆25Dec 3, 2023Updated 2 years ago
• n0tspam / RunspaceLoader

  View on GitHub
  Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
  ☆13Dec 11, 2023Updated 2 years ago
• joeavanzato / crackdown

  View on GitHub
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆17Oct 28, 2023Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools

  View on GitHub
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆66Jul 7, 2022Updated 3 years ago