If you use the prevent_execve option, please upgrade your client to
mitigate CVE-2025-0914 to at least release 0.73.4. More
details
Velociraptor - Digging Deeper!
Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints.
At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision.
Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis.
Don't wait until an event occurs. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat hunting needs.