Velociraptor - Dig Deeper

linux.conf.au via YouTube

Overview

Explore the powerful Velociraptor open-source platform for forensic evidence collection and incident response across distributed computer networks in this hands-on lab from linux.conf.au 2020. Learn to configure and deploy Velociraptor servers and agents, collect and examine evidence from test networks, and investigate real-life scenarios. Discover how to use the Velociraptor Query Language (VQL) for custom hunts, and understand deployment options, interface elements, and management features for large-scale use. Gain practical experience in searching for lateral movement evidence, hunting for backdoors and attacker IOCs, and implementing continuous security monitoring on endpoints. Focus on Linux systems while also learning about Velociraptor's support for Windows and macOS.

Syllabus

Introduction
What is Velociraptor
Download Velociraptor
What makes Velociraptor interesting
Velociraptor overview
Configuration
Testing
Servers
Deployment
Interactive
Virtual File System
Determining User Activity
High-Level Questions
Encoding Expert Information
Artifacts
Collect Artifacts
Scenario
SSH logs

Taught by

linux.conf.au
