When thinking about memory analysis do you immediately think a memory image? Did you know Velociraptor has powerful live memory analysis capabilities, that can be applied at scale? In my latest post I cover some memory analysis capabilities and how they can be used to detect inline DLL hooking.

When analyzing Triage collections with Velociraptor, do you ever wish you could go back and re-collect some other files that later became relevant? I have written a blog post on adaptive triage collections. docs.velociraptor.app/blog/2025/20... #velociraptor #dfir #digitalforensics #triage

At this year's AusCERT conference we presented "Sigma and Detection Engineering with Velociraptor". Learn how to implement real time Sigma detection with forensic enhancements. Full presentation youtube.com/watch?v=3EBr... and slides docs.velociraptor.app/presentation...