velociraptor-discuss

The artifact that is triggered by the GUI's delete flow button is Server.Utils.DeleteFlow you

Hi Mike. Thank you for detailed explanation with internal behaviors. My question was completely

It seems I was wrong - the file_store() function does in fact sanitize the path properly and also

This was discussed here https://github.com/Velocidex/velociraptor/issues/1143 with a proposed

Thank you. On Tuesday, December 7, 2021 at 8:38:18 AM UTC-5 mi...@velocidex.com wrote: Just to let

I discovered that the VM had originally been used as a Velo server and is used as a client. So I

You can just use the python API to run any queries from python and get the json to do whatever you

Thanks Mike, your response got me pointed in the right direction. Here's what I came up with that

When you run the query in a notebook you are actually running it on the server (which is probably

Thanks Mike, as always :-) We have that clock running to automaticly schedule the check artifact each

Not sure if this helps, but Whitney and I did a talk at DFIR summit about this. https://www.youtube.

thank you for the prompt response On Tuesday, September 21, 2021 at 2:05:15 PM UTC-7 mike_cohen wrote

There's still time to submit your entry to the Velociraptor Contributor Contest. We'll be

Is there any clues in the query log? On Monday, September 6, 2021 at 6:03:36 PM UTC+10 learning...@

It looks like your clients are not properly installed - how have you deployed them? They need to

My apologies! The above script works correct, what i failed to do was unload the artifact from the

Forget the qst. Was a firewall issue! Thanks anyway El martes, 27 de julio de 2021 a las 19:01:29 UTC

Hello Mike, Thanks a lot for your help ! Everything works as i wanted, so i just did "

As you can see the artifacts_with_results contain two artifacts: artifacts_with_results': ['

Velociraptor uses the write back file located in the config file to store it's private key and

Got it working, thanks for the help. We decided to not go with our own GoDaddy-provided cert, as the

that worked, thank you On Friday, May 28, 2021 at 6:05:52 PM UTC-4 Mike Cohen wrote: Can you search

Hi Ali, Usually you just create a new deb/rpm file with the same command as usual and just upgrade

This URL is not working anymore. Could you please point us to somewhere we can atleast pay for the

We are using Velociraptor with our AWS test network and have a module that queries the Velociraptor

Thanks Mike, I'll delete the writeback file when we fire up the instance and then it should

HI all, Another thing that I think it needs to be fixed is “Shell” option under Host information for

Hi all, With the good news that velociraptor now supports FreeBSD I decided to give it a try. At this

Hi Mike, I have the following artifact that I'm sure we had working before, but now I don't

Mariano, You may want to try changing your server URL to be that of: https://192.168.232.15:8000/