Velociraptor Endpoint Agent Integration
Velociraptor is an endpoint agent that allows us (among other things) to: interrogate agents, run custom hunts (using their "VQL" syntax), download/upload/execute/delete files, perform triage and forensic acquisition, stop/start processes, and quarantine endpoints. It would be great to be able to plug into these agents from Siemplify to perform actions, return results, and list agents. The API is very open and Python-friendly.
Velociraptor API: https://www.velocidex.com/docs/user-interface/api/