velociraptor-discuss

You didnt say how old the client was? What is the exact error? Thanks Mike Mike Cohen Digital

Dear Mike, I have rhel 7.x with the same GLIBC support problem on the client side. so I have to use

Dear Team, I am getting error when I try to install the latest and n-1 Velociraptor version in Oracle

Please see this kb article https://docs.velociraptor.app/knowledge_base/tips/plugin_not_found/ On Fri

I see that AnyDesk and TeamViewer artifacts have been created, but.... Does anyone care to share a

Thank you! It's working with our cert now. On Wednesday, April 3, 2024 at 10:03:12 AM UTC-4 Mike

Thanks for asking about this... The VQL function that uploads files to the server is called upload()

Hi Loïc, Thanks for asking about this. We very rarely if ever look at memory dumps in general - why

Tx Mike! I updated my artefact, really cool! On 8 Mar 2024, at 12:59, Mike Cohen <mike@velocidex.

You could use a MAC address to uniquely identify the machine. The local IP address is also reported

Hi Matt, That's what I'm testing now… I pasted a big bunch of YARA rules in the Artefacts

Hi. what about if you've no ADFS any more and are hybrid/federated with Azure? Can we still use

You probably enabled the vql plugin allow list in the config file. See this https://docs.velociraptor

Hello. In looking at the code for the "Linux.Network.Netstat" artifact, the first LET

Hi Mike, Finally identified the specific issue and have a solution. It transpires that the Azure

Did you modify the API bind address in the config file? It should be 127.0.0.1 or 0.0.0.0 On Fri, 22

If you include multiple URLs in the server_urls setting the clients will try one then the other. This

"clients()" does list *all* clients, offline and online. The problem I was having has to do

Thanks for spending the time to debug and report this issue. I actually think there is something

Hello. I was wondering how to list velociraptor clients that are offline using the velociraptor api.

Hello Velociraptor Community, Please take note of the following advisory related to CVE-2023-5950 and

Next you should do the same thing on the server itself to verify it's listening on that interface

Hi Gert Just circling back to this one, I was told that you can contact our risk team directly for

btw, could you tell me why sometimes when I launched the server artifact, it will turn down the whole

Hi, I'm using velociraptor for hunting endpoints. I'm wondering if there is a way that I can

Hi, I'm using velociraptor for hunting endpoints. I'm wondering if there is a way that I can

Hi Gaurav, There are currently artifacts for services like Virustotal, Hybrid Analysis, and I think

This is covered here https://docs.velociraptor.app/docs/server_automation/server_api/#schedule-an-

Hi, Just trying to set up a velociraptor server, and getting this on the admin panel. connection

Got it. Thanks Mike. On Thu, May 18, 2023 at 11:18 AM Mike Cohen <mi...@velocidex.com> wrote: