How to Install Velociraptor on Windows
Introduction to Velociraptor
Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints. At the press of a few buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints with speed and precision.
Prerequisites
To install Velociraptor on Windows, you will need the following:
- A Windows host with at least 4GB of RAM and 10GB of free disk space
- A custom clientconfig.xml file
- The appropriate Velociraptor executable for your host architecture
Installation Instructions
- Install the Wix application on your Windows host.
- Add your custom clientconfig.xml file and the appropriate Velociraptor executable to a subdirectory of your build directory called output.
- Copy the configuration file into the output directory.
- Execute the build batch file to create the new MSI file.
Notes
Velociraptor is written in Go and so is available for all the platforms supported by Go. This means that Windows XP and Windows Server 2003 are not supported, but anything after Windows 7/Vista is. We build our releases using the MUSL library x64 for Linux and a recent macOS system, so earlier platforms may not be supported by our release pipeline.
Conclusion
Once you have successfully installed Velociraptor, you can begin using it to investigate and respond to incidents on your network. For more information on Velociraptor, please visit the official website.
Komentar