Threat Hunting III: Hunting with Velociraptor

Adam Goss
Nov 8, 2022

Welcome to the third installment in this threat hunting series!

If you’ve been following along so far, you should have a virtualized environment set up and ready to hunt with the DFIR tool Velociraptor. If you are just joining, please see my previous article, Threat Hunting II: Environment Setup, to get up to speed. This installment focuses on using Velociraptor’s hunting capabilities to identify malicious activity associated with real-world malware and threat actors. Let’s begin!
