GRR Rapid Response is an incident response framework focused
on remote live forensics. The goal of GRR is to support forensics
and investigations in a fast, scalable manner to allow analysts to
quickly triage attacks and perform analysis remotely. GRR consists
of 2 parts: client and server. GRR client is deployed on systems
that one might want to investigate. On every such system, once
deployed, GRR client periodically polls GRR frontend servers for
work. "Work" means running a specific action: downloading file,
listing a directory, etc. GRR server infrastructure consists of
several components (frontends, workers, UI servers) and provides
web-based graphical user interface and an API endpoint that allows
analysts to schedule actions on clients and view and process
collected data.
Read more https://packetstormsecurity.com/files/175375/grr-3.4.7.1-release.tar.gz