8 min
Velociraptor
Finding the LNK: Techniques and methodology for advanced analysis with Velociraptor
In this post, we explore the structure of Windows shortcut (LNK) files using Velociraptor, our open-source digital forensics and incident response (DFIR) tool.
7 min
Velociraptor
How To Hunt For UEFI Malware Using Velociraptor
UEFI threats have historically been limited in number and mostly implemented by nation-state actors as stealthy persistence. However, the recent proliferation of Black Lotus on the dark web, the Trickbot enumeration module (late 2022), and Glupteba (November 2023) indicate that this historical trend may be changing. With this context, it is becoming important for security practitioners to understand visibility and collection capabilities for UEFI threats
[https://www.rapid7.com/info/understanding
6 min
Velociraptor
Automating Qakbot Detection at Scale With Velociraptor
This post offers a practical methodology for extracting configuration data from recent Qakbot samples.