Velociraptor Forensic MCP Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Velociraptor Forensic MCP ServerCollect user list from workstation-01"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
๐ฆ Velociraptor Forensic MCP Server
Turn Claude Desktop into a DFIR workstation.
A unified Model Context Protocol (MCP) server that connects Claude Desktop to your Velociraptor instance AND local forensic tools. Remote endpoint investigation + local evidence analysis in one server. Docker deployment for Velociraptor included.
What This Does
Instead of switching between the Velociraptor GUI, terminal VQL sessions, and forensic scripts, you talk to Claude and it runs them for you. Ask Claude to:
"Look up workstation-01 and tell me when it was last seen" โ Queries Velociraptor for client info
"Collect the user list from that endpoint" โ Starts a
Linux.Sys.Usersartifact collection and retrieves results"Hash all files in /evidence/malware-samples/" โ Recursively SHA-256 hashes a local directory
"Check syslog for any mentions of that binary" โ Scans system logs with keyword search
"Cross-reference the file metadata with log entries" โ Correlates timestamps, hashes, and log hits into a forensic report
"Run a VQL query to show all running processes on the endpoint" โ Executes custom VQL directly
All results come back in the chat. No copy-pasting. No tab switching. Full forensic chain from endpoint to evidence.
Related MCP server: Velociraptor MCP
๐ ๏ธ Integrated Tools (12)
Remote โ Velociraptor (vr_*)
Tool | Description |
vr_authenticate | Test gRPC connection to Velociraptor |
vr_get_agent_info | Look up a client by hostname โ client_id, OS, agent version, last seen |
vr_run_vql | Execute arbitrary VQL queries on the server |
vr_list_artifacts | List all available client artifacts with descriptions |
vr_artifact_details | Get full specs for a specific artifact |
vr_collect_artifact | Start artifact collection on a remote endpoint (returns flow_id) |
vr_get_collection_results | Poll and retrieve completed collection results (with retry logic) |
Local Forensic (local_*)
Tool | Description |
local_file_metadata | SHA-256, size, timestamps for a file (sandboxed to SAFE_BASE) |
local_hash_directory | Recursively hash every file in a directory |
local_scan_syslog | Search Linux syslog or macOS unified log by keyword |
local_correlate | Cross-reference file metadata with log entries |
local_forensic_report | Generate structured forensic report combining file + log data |
Key Features
Dual-mode: Either toolkit works independently โ deploy with just Velociraptor, just local tools, or both
Path sandboxing: All local_* tools validate paths stay within SAFE_BASE
Async flow polling: Collection results auto-retry until the flow completes
Multi-source artifacts: Handles artifacts with multiple data sources automatically
Tool filtering: Disable individual tools via DISABLED_TOOLS env var
Read-only mode: Block write operations (artifact collection) with READ_ONLY=true
๐ Quick Start
Prerequisites
Docker & Docker Compose
Python 3.11+
Claude Desktop
1. Deploy Velociraptor (Docker)
cd docker/
docker compose up -d
# Wait ~30 seconds for initialization
docker logs velociraptor --tail 10
# Should see: "Starting gRPC API server" and "Frontend is ready"Default GUI: https://localhost:9889 (admin/admin โ change this!)
2. Generate API Key
chmod +x generate-api-key.sh
./generate-api-key.shThis creates api.config.yaml with the gRPC credentials and automatically fixes the connection string for host access.
3. Install the MCP Server
cd ../
python3.11 -m venv .venv && source .venv/bin/activate
pip install -e ".[dev]"4. Configure
cp .env.example .env
# Edit .env โ set your paths:
# VELOCIRAPTOR_API_KEY=/path/to/api.config.yaml
# SAFE_BASE=/home/youruser/evidence5. Configure Claude Desktop
Add to ~/.config/Claude/claude_desktop_config.json (Linux) or ~/Library/Application Support/Claude/claude_desktop_config.json (macOS):
{
"mcpServers": {
"velociraptor-forensic": {
"command": "/path/to/velociraptor-forensic-mcp/.venv/bin/python",
"args": ["-m", "velociraptor_forensic_mcp"],
"cwd": "/path/to/velociraptor-forensic-mcp",
"env": {
"VELOCIRAPTOR_API_KEY": "/path/to/api.config.yaml",
"VELOCIRAPTOR_SSL_VERIFY": "false",
"SAFE_BASE": "/home/youruser/evidence",
"LOG_LEVEL": "INFO"
}
}
}
}6. Restart Claude Desktop
The tools will appear automatically. Start investigating.
๐ Environment Variables
Variable | Description | Default | Required |
| Path to api.config.yaml | โ | For remote tools |
| Verify gRPC TLS certs |
| |
| gRPC timeout (seconds) |
| |
| Root directory for local forensic tools | โ | For local tools |
| Bind host for SSE transport |
| |
| Bind port for SSE transport |
| |
| DEBUG/INFO/WARNING/ERROR |
| |
| Comma-separated tool names to disable | โ | |
| Block artifact collection |
|
๐ณ Docker Velociraptor Setup
The docker/ folder contains everything to run Velociraptor in Docker with ports mapped to avoid common conflicts:
Host Port | Service | Purpose |
9000 | Client frontend | Velociraptor agent check-in |
9001 | gRPC API | MCP server connects here |
9889 | Web GUI | Your browser |
Enrolling a Test Client
To enroll the machine running Docker as a Velociraptor client:
cd docker/
# Copy client binary and config
docker cp velociraptor:/velociraptor/clients/linux/velociraptor_client_repacked ./velociraptor_client
chmod +x velociraptor_client
docker exec velociraptor cat client.config.yaml > client.config.yaml
sed -i 's|https://VelociraptorServer:8000/|https://localhost:9000/|' client.config.yaml
# Run the client (Ctrl+C to stop)
sudo ./velociraptor_client --config client.config.yaml client -v๐ก Usage Examples
Full Endpoint Investigation
"Look up the endpoint pop-os, collect its user list, and check syslog for any suspicious entries"
Claude chains: vr_get_agent_info โ vr_collect_artifact โ vr_get_collection_results โ local_scan_syslog
File Integrity Check
"Hash all files in /evidence/case-2024/ and check if any appear in the system logs"
Claude chains: local_hash_directory โ local_correlate for each suspicious file
Custom VQL Investigation
"Run a VQL query to show me all listening network connections on client C.1393a876d1c48287"
Claude uses vr_collect_artifact with Linux.Network.Netstat or writes custom VQL via vr_run_vql
Quick Triage
"Scan syslog for 'authentication failure' and give me a summary"
Claude uses local_scan_syslog and synthesizes the results
๐ Project Structure
velociraptor-forensic-mcp/
โโโ velociraptor_forensic_mcp/
โ โโโ __init__.py # Package metadata
โ โโโ __main__.py # CLI entry point
โ โโโ config.py # Dataclass configs (Velociraptor, Forensic, Server)
โ โโโ exceptions.py # Custom exception hierarchy
โ โโโ vr_client.py # Velociraptor gRPC client
โ โโโ forensic_helpers.py # Local forensic functions
โ โโโ server.py # FastMCP server with all tools/prompts/resources
โโโ docker/
โ โโโ docker-compose.yaml # Velociraptor Docker deployment
โ โโโ generate-api-key.sh # API key generation script
โโโ tests/
โ โโโ test_forensic.py # Unit tests
โโโ pyproject.toml # Python packaging
โโโ .env.example # Configuration template
โโโ README.md๐ Security
API key protection:
api.config.yamlcontains a private key โchmod 600itPath sandboxing: All local tools are restricted to the SAFE_BASE directory
Least privilege: Generate API keys with
--role api,investigatornotadministratorTool filtering: Disable tools you don't need via DISABLED_TOOLS
Read-only mode: Set
READ_ONLY=trueto prevent artifact collectionNever commit
api.config.yamlor.envto version control
๐งช Running Tests
source .venv/bin/activate
pytest -v๐๏ธ Architecture
This server combines two open-source projects into a unified MCP interface:
Remote tools adapted from socfortress/velociraptor-mcp-server (gRPC operations)
Local tools adapted from axdithyaxo/mcp-forensic-toolkit (sandboxed file analysis)
Both toolkits activate independently based on which environment variables are set. You can run Velociraptor-only, local-only, or both together.
โ ๏ธ Legal Disclaimer
This tool is intended for authorized digital forensics and incident response only. Always ensure you have proper authorization before collecting artifacts from endpoints. Unauthorized access to computer systems is illegal.
๐ค Contributing
Pull requests welcome. To add a new tool:
Add the function in
forensic_helpers.py(local) orvr_client.py(remote)Create a Pydantic input model in
server.pyRegister the tool in
_register_forensic_tools()or_register_velociraptor_tools()Add tests
Submit a PR
๐ฌ Contact
Discord: sgtwolf787
GitHub: @Hackerobi
White hat or no hat ๐ฉ
Built with Claude. Tested on live Velociraptor deployment. Stay legal.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/Hackerobi/velociraptor-forensic-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server