markus13009/velocistack

This branch is 6 commits behind weslambert/velocistack:main.

Velocistack

Introduction

What is Velocistack?

Velocistack is a free and open solution for streamlined host-based forensics and investigation.

  • Collect forensic artifacts
  • Post-process collections
  • Visualize collections or hunt results
  • Create cases for investigation
  • Enrich results with additional context

Why was Velocistack created?

To allow individuals to quickly spin up a local, integrated environment for analysis and investigation of forensic artifacts collected by Velociraptor, using popular free and open tools.

Who should use Velocistack?

  • Analysts
  • Incident Responders
  • Students
  • Anyone!

Screenshots

  • Landing Page
  • CyberChef
  • Grafana
  • IntelOwl
  • IRIS
  • Kibana

Getting started

Pre-reqs

Clone

git clone https://github.com/weslambert/velocistack && cd velocistack

Run the installer script

sudo ./install_velocistack

Authentication

Currently, authentication occurs primarily through Velociraptor, which proxies all services except IRIS and IntelOwl.

Velociraptor credentials:

User: admin

Password: admin

IRIS credentials:

User: administrator

Password: admin

IntelOwl credentials:

Create superuser credentials for IntelOwl by running the following command from the CLI:

sudo docker exec -ti uwsgi python3 manage.py createsuperuser

Web Access

Velociraptor

https://$YOURIP/velocistack

CyberChef

https://$YOURIP/velocistack/cyberchef

Grafana

https://$YOURIP/velocistack/grafana

IntelOwl

https://$YOURIP:8443

IRIS

https://$YOURIP/

Prometheus

https://$YOURIP/velocistack/prometheus

Kibana

https://$YOURIP/velocistack/kibana

Troubleshooting

If you experience an error with cadvisor and /var/lib/docker, try replacing the volume with /var/snap/docker/common/var-lib-docker/ (this applies when Docker was installed via snap).
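
One way to script the volume swap described above, as an added example that is not part of the Velocistack repository. The function names, the compose file you pass in, and the `- host:container` bind-mount layout are assumptions; only the two directory paths come from this README.

```shell
#!/bin/sh
# Added example, not project code. Paths below are the two named in the README.
DEFAULT_ROOT=/var/lib/docker
SNAP_ROOT=/var/snap/docker/common/var-lib-docker

# Print the host-side Docker data directory that cadvisor should bind-mount.
# $1 (optional) is a filesystem prefix so the check can run against a fake
# root; leave it empty on a real host. The snap path is chosen only when it
# exists and the default path does not.
docker_data_root() {
    prefix=${1:-}
    if [ -d "$prefix$SNAP_ROOT" ] && [ ! -d "$prefix$DEFAULT_ROOT" ]; then
        printf '%s\n' "$SNAP_ROOT"
    else
        printf '%s\n' "$DEFAULT_ROOT"
    fi
}

# Rewrite the host side of "- /var/lib/docker[/]:<target>" bind mounts in the
# compose file $1 so that they point at $2. The container-side path and any
# mount options (such as :ro) are left untouched, as are mounts of
# subdirectories. The original file is kept as $1.bak.
patch_cadvisor_volume() {
    file=$1
    new_root=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 1
    sed "s|^\([[:space:]]*-[[:space:]]*\)$DEFAULT_ROOT/\{0,1\}:|\1$new_root/:|" \
        "$file.bak" > "$file"
}

# Typical use (the compose file name is hypothetical):
#   patch_cadvisor_volume ./docker-compose.yml "$(docker_data_root)"
```

Recreate the cadvisor container after patching so the new bind mount takes effect.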
