Release 0.2.7

This is the next point release of Velociraptor.

This release brings many features:

1. Velociraptor can use autocert to provision its own SSL certs.
2. Velociraptor now supports oauth so it can be used with Google's SSO.
3. Hunts flow is now reworked to be much simpler.
4. Lots of GUI improvements:
   • Artifact editor allows users to copy and tweak existing artifacts.
   • Remove a lot of old GRR GUI elements which are no longer used.

The details are described in our blog posts:

• Configuring Velociraptor for SSL
• Deploying Velociraptor with OAuth SSO
  

Release 0.2.6

This is the next point release of Velociraptor.

Highlights of this release include:

• Added interactive shell and execve() VQL plugin. It is now possible to write artifacts which run arbitrary commands on the client.
• Server side VQL can be used to watch client monitoring events and raise alerts.
• Added artifact acquisition which allows to run multiple event artifacts concurrently to watch and react to rules.

The details are described in our blog posts:

• Velociraptor Interactive Shell
• Server side VQL queries and Escalation Events
• More on client event collection

Release 0.2.5

This is the next point release of the Velociraptor DFIR tool.

This release introduces the event monitoring framework. This allows Velociraptor to watch event logs and record process execution logs on Windows.

More details in the workshop slides:
https://docs.velociraptor.velocidex.com/blog/html/2018/11/13/velociraptor_training_at_nzitf.html

Release 0.2.4

Welcome to the next point release of Velociraptor.

This release brings yara integration and raw NTFS support.

More details on our blog https://velociraptor-blog.velocidex.com/

Point release 0.2.3

Welcome to the next point release of Velociraptor - an advanced endpoint monitoring and response tool based on the Velocidex Query Language (VQL).

This release introduces the new client communication protocol. This allows Velociraptor clients to be
responsive and fast and offers a huge improvement over previous releases. Read more about this on our
blog at https://velociraptor-blog.velocidex.com/2018/09/velociraptors-client-communication.html

Binaries for Linux and Windows are available:

• Linux: velociraptor_0.2.3.elf e74588ebbeae30c0f9387619fb2ae9772627ef121865cabde435d4350338a919
• Windows: velociraptor_0.2.3.exe 5ef5c39164d577d6703d0ef56c67b7d80a77ace1b3f980edf7868ec2e1e0ed74

Initial alpha release

First alpha release.

Only suitable for testing. Please send feedback to velociraptor-discuss@googlegroups.com or file issues on https://gitlab.com/velocidex/velociraptor/

Welcome to the first public release of Velociraptor - an advanced endpoint monitoring and response tool based on the Velocidex Query Language (VQL).

More information about project motivations and design can be seen on our blog https://velociraptor-blog.velocidex.com

Binaries for Linux and Windows are available:

Linux: 7becee1aca428c1d187fba654e711371f4f32847393eebac2b9c90fdfec76b91
Windows: 05e3bd5c85b8a1a15c418b175fa2940636e8bcc19d27d94f50ce071d6405d5f8