DFIR IRIS Module Velociraptor Artifact - socarium/makarasoc GitHub Wiki

Velociraptor Artifact Module

Collect artifacts from a Windows or Linux endpoint using Velociraptor.

The module is built for the following asset types:

  • Windows
  • Linux

  1. Select DFIR IRIS Module Velociraptor Artifact.

  2. Once the deployment finishes, access DFIR-IRIS from your browser.

  3. Open DFIR-IRIS in the browser.

  4. Navigate to Advanced -> Modules.

  5. Add a new module.

  6. Enter the module name: iris_velociraptorartifact_module

  7. Select Validate module. The module will be automatically registered and activated.