Mass Digital Forensics & Incident Response with Velociraptor

John Hammond via YouTube

Overview

Explore mass digital forensics and incident response techniques using Velociraptor in this comprehensive video tutorial. Learn about Velociraptor's Virtual File System (VFS), artifacts, and automation with VQL. Discover how to perform Sigma rule matching with Hayabusa and compare it to Chainsaw. Dive into parsing Hayabusa findings, creating process trees using PsList and Velociraptor Process Tracker, and investigating PSExec usage. Examine PowerShell artifacts, Bits Transfer artifacts, and techniques for hunting multiple compromised machines. Master parsing results using VQL to enhance your digital forensics and incident response capabilities.

Syllabus

Introduction
Velociraptor VFS
Artifacts & Automation w/ VQL
Sigma Rule matching w/ Hayabusa
Waiting on Hayabusa to finish scan
How does Hayabusa compare to Chainsaw?
Parsing Hayabusa Findings
PsTree Attempt 1 w/PsList
PsTree Attempt 2 w/Velociraptor Process Tracker
Velociraptor Process Tracker
PSExec Change in v2.30 & How to look for the usage of PSExec
Why this is useful and an example use case
PowerShell Artifacts
Bits Transfer Artifact
How to hunt for multiple compromised machines
Parsing the Results using VQL
Demo Conclusion

Taught by

John Hammond

Reviews

4.7 rating, based on 3 Class Central reviews

  • Velociraptor Forensics is a great tool that makes digital forensics more understandable. The demo provided a comprehensive overview of its capabilities, showcasing its potential to streamline forensic investigations. Velociraptor helps users to easily collect, analyze and visualize data while saving time and resources.
  • AMAKA LARRY
    The course was enlightening, discussing the Velociraptor application for digital forensics, mostly for servers or endpoints. I really enjoyed this course.
  • Michael Muchiri
    I found the presentation super helpful and easy to apply. The presenter was also very knowledgeable and was able to deliver the presentation in a way that is easy to follow and understand. I will definitely give the suggested tools a try using the knowledge acquired.