It was awesome to be at the @AusCERT conference this year - What an amazing event and I learned so much! See you all next year!
At @AusCERT conference we presented "Sigma and Detection Engineering with @velocidex Velociraptor". Learn how to implement real time Sigma detection with forensic enhancements. Full presentation youtube.com/watch?v=3EBrpF… and slides docs.velociraptor.app/presentations/…
Auscert 2025 Detection Engineering Workshop
Looking forward to speaking on a panel at the @rapid7 Take Command Summit. Register for free below as we talk about between pen testing, red teaming and the benefits of running regular security exercises. rapid7.brighttalk.com/?utm_source=re…
Velociraptor release 0.73 is now available for testing! Read about all the cool new features here docs.velociraptor.app/blog/2024/2024… . An exciting new feature is built in timelining capability. Check the blog post here docs.velociraptor.app/blog/2024/2024…
We just re-published a cool blog post, on the Velociraptor Blog, by Chris Hayes from @RelianceCyber . The post illustrates the process of setting up Velociraptor using external certificates. docs.velociraptor.app/blog/2024/2024… Original post reliancecyber.com/secure-velocir…
How to use your own certificates to secure your Velociraptor deployment
Learn how to secure your Velociraptor deployment using DigiCert certificates. This comprehensive guide covers creating and installing TLS certificates to ensure safe communication between your...
Great example of VQL automation!
For any velociraptor users - I have been messing around with plyara over the last week and created a few bulk yara artifacts using Yara-Forge - yarahq.github.io. Velociraptor artifacts: File - github.com/mgreen27/Detec… Process github.com/mgreen27/Detec……
The incident started with a compromised server. When we extended the hunting to the entire network, we found traces of the "WayBack" campaign on a computer, which @yoroisecurity documented almost exactly three years ago [1]. We also found the exact same code as in the blog on…
I was so excited about the new 0.72 release of Velociraptor I just could not wait to make a quick video to show you all the new features! #velociraptor #dfir #digitalforensics Check it out here youtube.com/watch?v=FwmFYm…
Velociraptor Release 0.72 Video Walkthrough
Version 0.7.2 of @velocidex is now fully available for download! Learn what's new 👉 r-7.co/3WliUVJ



Only a few days left to secure your early bird for our Velociraptor training in Singapore. This is a rare opportunity to learn about Velociraptor and how to deploy it effectively, develop VQL artifacts and actively hunt for adversaries. blackhat.com/asia-24/traini…
#100daysofyara targeting QuasarRAT via namespace strings observed in process memory and decompiled code. #R7Labs @velocidex Windows.Detection.Yara.Process only returns one hit per process here as I added some groupings to minimise any FPs github.com/rapid7/Rapid7-…


Another #100daysofyara post - #R7Labs Source a couple of samples: bazaar.abuse.ch/browse/tag/Soc… Running @velocidex Windows.Detection.Yara.Process should detect on running final payloads. I have focused on simple network connection & config filename strings.…


Thought I would make some posts for #100daysofyara. Not sure how often I'll post but good chance to test some triage workflow and build some practical Velociraptor rules for automation :) In the example below I grabbed a NanoCore sample from MalwareBazaar -…


We're incredibly thankful to our wonderful community of contributors, testers and enthusiasts! Without you, Velociraptor wouldn't be what it is. To all of you, your family and friends, HAPPY THANKSGIVING!

Want a sneak peek at the upcoming Velociraptor v0.7.1? With awesome new capabilities like built in Sigma integration and enhanced notebook functionality, you will want to download the release candidate today and test it out. Be sure to log any bugs or issues through GitHub.…
Sharing out my workshop from DEATHcon. mgreen27.notion.site/mgreen27/Veloc… Fun to showcase some of the similar workflows I do day to day. @Velocidex #dfir DEATHcon was put on by @rpargman @olafhartong @th3cyF0x it's a really unique event - thank you!
Pushed out a Velociraptor artifact to scope some of the items in the SysAid post exploitation activity. docs.velociraptor.app/exchange/artif… @velocidex
⚠️ On November 8, SysAid disclosed CVE-2023-47426, a zero-day path traversal vulnerability affecting on-premise SysAid servers. Microsoft warns that exploitation is likely to result in ransomware deployment and/or data exfiltration. Read more in our blog: bit.ly/3QA4gFI
If you missed VeloCon23, all talks are available on YouTube and the website. docs.velociraptor.app/presentations/… #dfir #cybersecurity #rapid7
While there are many great articles that discuss logs to be sent to a SIEM, many don't mention filtering on the endpoint during investigations. This is an area in which @velocidex excels. 🦖🚀 #FastForensicsBeforeFullSendIt #LogManagementMusts #SaveTheSIEM #SplunkCostBoss
If you like us here, you'll LOVE us on Discord. Come join the smartest and most lively #DFIR community on the planet. discord.com/invite/YAU3vRE
