-
Velociraptor versions before 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user’s current ACL token.
-
Velociraptor versions before 0.76.3 improperly validated input in client message handler. This could lead to remote code execution on the server.
Velociraptor - Digging Deeper!
Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints.
At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision.
Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis.
Don't wait until an event occurs. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat hunting needs.