GRR Rapid Response is an incident response framework focused on remote live forensics.
It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients.
The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely.
GRR on GitHub¶
GRR is open source (Apache License 2.0) and is developed on GitHub: github.com/google/grr
- GitHub issues: github.com/google/grr/issues
- GRR Users mailing list: grr-users
- Follow us on twitter for announcements of GRR user meetups. We use a gitter chat room during meetups.