{"id":22914097,"url":"https://github.com/suse/linux-security-sensor","last_synced_at":"2025-05-12T13:43:26.090Z","repository":{"id":37085142,"uuid":"450598819","full_name":"SUSE/linux-security-sensor","owner":"SUSE","description":"Linux security sensor","archived":false,"fork":false,"pushed_at":"2025-03-20T09:39:54.000Z","size":63913,"stargazers_count":19,"open_issues_count":8,"forks_count":9,"subscribers_count":13,"default_branch":"main","last_synced_at":"2025-03-26T18:54:37.912Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SUSE.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-21T18:26:35.000Z","updated_at":"2024-10-22T21:02:28.000Z","dependencies_parsed_at":"2024-06-25T21:28:28.219Z","dependency_job_id":"713b8b03-109e-4112-942d-224620506dc8","html_url":"https://github.com/SUSE/linux-security-sensor","commit_stats":{"total_commits":1231,"total_committers":48,"mean_commits":"25.645833333333332","dds":0.4061738424045491,"last_synced_commit":"bce3e978ef787011a9f88787638c685a1b4ee6ad"},"previous_names":[],"tags_count":77,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SUSE%2Flinux-security-sensor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SUSE%2Flinux-security-sensor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SUSE%2Flinux-security-sensor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SUSE%2Flinux-security-sensor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SUSE","download_url":"https://codeload.github.com/SUSE/linux-security-sensor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253749528,"owners_count":21958142,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-14T05:13:19.894Z","updated_at":"2025-05-12T13:43:26.066Z","avatar_url":"https://github.com/SUSE.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Velociraptor - Endpoint visibility and collection tool.\n\nVelociraptor is a tool for collecting host based state information\nusing The Velociraptor Query Language (VQL) queries.\n\nTo learn more about Velociraptor, read the documentation on:\n\nhttps://docs.velociraptor.app/\n\n## Quick start\n\nIf you want to see what Velociraptor is all about simply:\n\n1. Download the binary from the release page for your favorite platform (Windows/Linux/MacOS).\n\n2. Start the GUI\n\n```bash\n  $ velociraptor gui\n```\n\nThis will bring up the GUI, Frontend and a local client. You can\ncollect artifacts from the client (which is just running on your own\nmachine) as normal.\n\nOnce you are ready for a full deployment, check out the various deployment options at\nhttps://docs.velociraptor.app/docs/deployment/\n\n## Training\n\nWe have our complete training course (7 sessions x 2 hours each)\nhttps://docs.velociraptor.app/training/\n\nThe course covers many aspects of Velociraptor in detail.\n\n## Running Velociraptor via Docker\n\nTo run a Velociraptor server via Docker, follow the instructions here:\nhttps://github.com/weslambert/velociraptor-docker\n\n## Running Velociraptor locally\n\nVelociraptor is also useful as a local triage tool. You can create a self contained local collector using the GUI:\n\n1. Start the GUI as above (`velociraptor gui`).\n\n2. Select the `Server Artifacts` sidebar menu, then `Build Collector`.\n\n3. Select and configure the artifacts you want to collect, then select\n   the `Uploaded Files` tab and download your customized collector.\n\n## Building from source\n\nTo build from source, make sure you have a recent Golang installed\nfrom https://golang.org/dl/ (Currently at least Go 1.14) and the go\nbinary is on your path. In addition make sure the GOBIN directory is\nalso on your path (Defaults are: on linux and mac `~/go/bin`, on\nWindows `c:\\\\Users\\\\\u003cusername\u003e\\\\go\\\\bin`) :\n\n```bash\n    $ git clone https://github.com/Velocidex/velociraptor.git\n    $ cd velociraptor\n\n    # This will build the GUI elements. You will need to have node\n    # installed first. For example get it from\n    # https://nodejs.org/en/download/.\n    $ cd gui/velociraptor/\n    $ npm install\n\n    # This will build the webpack bundle\n    $ make build\n\n    # To build a dev binary just run make.\n    # NOTE: Make sure ~/go/bin is on your path -\n    # this is required to find the Golang tools we need.\n    $ cd ../..\n    $ make\n\n    # To build production binaries\n    $ make linux\n    $ make windows\n```\n\n## Getting the latest version\n\nWe have a pretty frequent release schedule but if you see a new\nfeature submitted that you are really interested in, we would love to\nhave more testing prior to the official release.\n\nWe have a CI pipeline managed by GitHub actions. You can see the\npipeline by clicking the actions tab on our GitHub project. There are\ntwo workflows:\n\n1. Windows Test: this workflow builds a minimal version of the\n   Velociraptor binary (without the GUI) and runs all the tests on\n   it. We also test various windows support functions in this\n   pipeline. This pipeline builds on every push in each PR.\n\n2. Linux Build All Arches: This pipeline builds complete binaries for\n   many supported architectures. It only runs when the PR is merged\n   into the master branch. To download the latest binaries simply\n   select the latest run of this pipeline, scroll down the page to the\n   \"Artifacts\" section and download the *Binaries.zip* file (Note you\n   need to be logged into GitHub to see this).\n\nIf you fork the project on GitHub, the pipelines will run on your own\nfork as well as long as you enable GitHub Actions on your fork. If you\nneed to prepare a PR for a new feature or modify an existing feature\nyou can use this to build your own binaries for testing on all\narchitectures before send us the PR.\n\n## Supported platforms\n\nVelociraptor is written in Golang and so is available for all the\nplatforms [supported by Go](https://github.com/golang/go/wiki/MinimumRequirements).\nThis means that Windows XP and Windows server 2003 are **not**\nsupported but anything after Windows 7/Vista is.\n\nWe build our releases on Centos 6 (x64) for Linux and Sierra for MacOS\nso earlier platforms may not be supported by our release pipeline. If\nyou need 32 bit builds you will need to build from source. You can do\nthis easily by forking the project on GitHub, enabling GitHub Actions\nin your fork and editing the `Linux Build All Arches` pipeline.\n\n## Artifact Exchange\n\nVelociraptor's power comes from `VQL Artifacts`, that define many\ncapabilities to collect many types of data from endpoints.\nVelociraptor comes with many built in `Artifacts` for the most common\nuse cases. The community also maintains a large number of additional\nartifacts through the [Artifact Exchange](https://docs.velociraptor.app/exchange/).\n\n## Getting help\n\nQuestions and feedback are welcome at\nvelociraptor-discuss@googlegroups.com (or\nhttps://groups.google.com/g/velociraptor-discuss)\n\nYou can also chat with us directly on discord https://docs.velociraptor.app/discord\n\nFile issues on https://github.com/Velocidex/velociraptor\n\nRead more about Velociraptor on our blog:\nhttps://docs.velociraptor.app/blog/\n\nHang out on Medium https://medium.com/velociraptor-ir\n\nFollow us on Twitter [@velocidex](https://twitter.com/velocidex)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuse%2Flinux-security-sensor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsuse%2Flinux-security-sensor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuse%2Flinux-security-sensor/lists"}