Velocidex

All

73 repositories

velociraptor-triage-collector
Public
Construct triage artifact based on rules
Go
•
MIT License
•0•3•1•0•Updated Nov 1, 2025Nov 1, 2025
velociraptor
Public
Digging Deeper....
incident-response inventory-management digital-forensics endpoint-protection endpoint-discovery forensics-investigations endpoint-security
Go
•
Other
•561•3.6k•62•5•Updated Oct 31, 2025Oct 31, 2025
go-prefetch
Public
A golang implementation of a prefetch parser.
golang digital-forensics
Go
•
Apache License 2.0
•4•20•1•0•Updated Oct 27, 2025Oct 27, 2025
etw
Public
Go
•
MIT License
•0•1•0•0•Updated Oct 27, 2025Oct 27, 2025
zip
Public
Enhanced zip library
Go
•
BSD 3-Clause "New" or "Revised" License
•2•2•0•0•Updated Oct 27, 2025Oct 27, 2025
cloudvelo
Public
An experimental Velociraptor implementation using cloud infrastructure
Go
•
Other
•12•26•1•0•Updated Oct 21, 2025Oct 21, 2025
velociraptor-sigma-rules
Public
A Compiler from Sigma rules to VQL
Go
•7•12•0•0•Updated Oct 21, 2025Oct 21, 2025
velociraptor-docs
Public
Documentation site for Velociraptor
HTML
•
Other
•244•54•7•27•Updated Oct 21, 2025Oct 21, 2025
go-pe
Public
A Portable Executable parser for Golang
Go
•
Apache License 2.0
•23•47•0•0•Updated Oct 15, 2025Oct 15, 2025
velociraptor-legacy-build
Public
Build Velociraptor for Windows 7
Go
•
Other
•0•0•0•0•Updated Oct 15, 2025Oct 15, 2025
WinPmem
Public
The multi-platform memory acquisition tool.
C
•
Apache License 2.0
•129•867•26•0•Updated Oct 14, 2025Oct 14, 2025
yara-x-go
Public
Go Bindings to Yara X
C
•
BSD 3-Clause "New" or "Revised" License
•0•0•0•0•Updated Oct 10, 2025Oct 10, 2025
SQLiteHunter
Public
Hunt for SQLite files used by various applications
Go
•
GNU Affero General Public License v3.0
•16•26•4•0•Updated Oct 9, 2025Oct 9, 2025
registry_hunter
Public
Hunt the windows Registry automatically using VQL
Rebol
•
MIT License
•2•9•2•0•Updated Oct 1, 2025Oct 1, 2025
vfilter
Public
A library implementing a generic SQL like query language.
Go
•
Apache License 2.0
•9•21•0•0•Updated Sep 15, 2025Sep 15, 2025
go-journalctl
Public
Parser for systemd journal files.
Go
•
Apache License 2.0
•3•14•0•0•Updated Sep 2, 2025Sep 2, 2025
go-yara
Public
Go bindings for YARA
C
•
BSD 3-Clause "New" or "Revised" License
•112•14•0•0•Updated Aug 24, 2025Aug 24, 2025
ordereddict
Public
A simple Ordered Dict implementation.
Go
•
Apache License 2.0
•3•5•0•0•Updated Aug 21, 2025Aug 21, 2025
vtypes
Public
VTypes is a data driven binary parsing system in Go.
Go
•
Apache License 2.0
•4•11•0•0•Updated Aug 2, 2025Aug 2, 2025
pyvelociraptor
Public
PyVelociraptor contains the python bindings for the Velociraptor API.
Python
•
MIT License
•8•20•2•0•Updated Jul 30, 2025Jul 30, 2025
presentations
Public
Presentations and Workshops
HTML
•4•3•0•0•Updated Jul 28, 2025Jul 28, 2025
evtx
Public
Golang Parser for Microsoft Event Logs
Go
•
Apache License 2.0
•19•105•2•0•Updated Jun 30, 2025Jun 30, 2025
Linpmem
Public
Linpmem is a linux memory acquisition tool
C
•
GNU General Public License v2.0
•11•94•0•0•Updated Jun 22, 2025Jun 22, 2025
tracee_velociraptor
Public
An EBPF trace framework for Velociraptor based on tracee
C
•
Apache License 2.0
•2•1•0•0•Updated Jun 20, 2025Jun 20, 2025
go-vhdx
Public
A library to parse VHDX files
Go
•
Apache License 2.0
•0•2•0•0•Updated May 11, 2025May 11, 2025
go-ext4
Public
Parser for Ext4 filesystems
Go
•
Apache License 2.0
•0•1•0•0•Updated May 10, 2025May 10, 2025
binparsergen
Public
Binary Parser Generator for Go
Go
•
Apache License 2.0
•4•5•0•0•Updated May 9, 2025May 9, 2025
go-vmdk
Public
A Go library for reading VMDK files
Go
•
Apache License 2.0
•0•2•0•0•Updated May 5, 2025May 5, 2025
amsi
Public
Golang implementation of Microsoft Antimalware Scan Interface
Go
•
MIT License
•4•1•0•0•Updated Apr 18, 2025Apr 18, 2025
go-ntfs
Public
An NTFS file parser in Go
Go
•
Apache License 2.0
•26•70•3•1•Updated Mar 22, 2025Mar 22, 2025