GRR 3.4.7.1 ≈ Packet Storm

GRR 3.4.7.1^[6]: Authored by Andreas Moser ^[7], Mikhail Bushkov ^[8], Ben Galehouse ^[9], Milosz Lakomy ^[10] | Site github.com ^[11]; GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.; Changes: Additions include a flow for collecting an identifier of the CrowdStrike agent, a Podman-based zero-setup development environment, and StatMultipleFiles and HashMultipleFiles flows to be used in UIv2. There are also 3 other changes and 9 removals.; systems | unix ^[12]; SHA-256 | eb469beefd85c359a4bae77d5f87adae7f1f584269b4e85902037bde0a694cd2; Download ^[13] | Favorite ^[14] | View ^[15]