1 مستودع
Listing and identifying available Volume Shadow Copy snapshots for historical filesystem analysis.
Distinct from Volume Shadow Copy Abuse: Focuses on the discovery and listing of snapshots for forensics, distinct from the offensive abuse of those snapshots.
Explore 1 awesome GitHub repository matching operating systems & systems programming · Volume Shadow Copy Enumerations. Refine with filters or upvote what's useful.
Velociraptor is a digital forensics and incident response platform, endpoint detection and response system, and visibility tool. It provides a query engine and remote forensic collector used to hunt for indicators of compromise and perform triage across a fleet of hosts. The system is distinguished by its specialized query language for interrogating host state and parsing binary files. It features a notebook environment that combines markdown documentation with executable query cells to standardize investigative workflows and enable collaborative reporting. The platform covers a wide range o
Velociraptor lists available VSS snapshots to allow filesystem analysis of previous system states.