Release 0.6.7
This is the next point release for Velociraptor - Digging deeper!
Read the full release notes here https://docs.velociraptor.app/blog/2022/2022-11-21-release-notes/
Notable feature
- Offline collector and flow exports use the same container format. The container is fully importable containing all the information that should be recreated in the new collection. This makes it possible to archive collections and re-import them easily.
- Offline collector can now encrypt the collection file using X509 or PGP key pairs. This makes it possible to secure the collected file in such a way that it is not possible to derive the password without the server private key.
- Encrypted collection files are automatically decrypted when imported.
- Hunts can be scheduled on multiple orgs in the GUI
- Cell query logs in notebooks is now pageable.
- Collection Uploads tab was reworked to allow downloading sparse files in expanded or compacted form.
- Work on NTFS parser display multiple file paths for the same file (i.e. hard links) as well as better support for NTFS compression.
- Group BY queries now revert to disk when the size of the groups is too large. This allows GROUP BY queries to be run safely on very large data sets without exceeding memory use
- The collection launch wizard now allows a collection to be specified as
urgent
. This allows certain queries to pre-empt larger hunts on busy systems. - Experimental: You can now repack client configuration in the windows MSI directly without needing to install Wix Framework.
- Updates themes - Default theme is now Velociraptor light. You can still use the old theme which had been named Velociraptor Classic.
Including many bug fixes and stability improvements.
Thanks to @clayscode for implementing the encryption/decryption of offline collections!
Thanks to @weslambert for many contributions in this release - many artifacts and fixes.
Thanks to @predictiple for updating all the themes!
Thanks to @jeffmahoney for the user management UI contribution!
Known issues
Release 0.6.7-3 addresses some minor issues and bug fixes. It also adds a User management screen
Release 0.6.7-4 fixes a GUI issue with initial log in for a new user
Release 0.6.7-5 fixes CVE-2023-0242 and CVE-2023-0290 - see release notes https://docs.velociraptor.app/announcements/2023-cves/