Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignLOKI Description
LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection. It is based on four detection methods: 1. File Name IOC: Regex match on full file path/name. 2. Yara Rule Check: Yara signature match on file data and process memory. 3. Hash Check: Compares known malicious hashes (MD5, SHA1, SHA256) with scanned files. 4. C2 Back Connect Check: Compares process connection endpoints with C2 IOCs.
LOKI FAQ
Common questions about LOKI including features, pricing, alternatives, and user reviews.
LOKI is LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection. It is a Security Operations solution designed to help security teams with IOC, YARA.
LOKI is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/Neo23x0/Loki/ for download and installation instructions.
Popular alternatives to LOKI include:
1.Managed Agentic Threat Hunting - Managed Agentic Threat Hunting Service (IOC sweeps and hypothesis based hunting) (Commercial)
2.Cythereal MAGIC™ - Malware hunting platform that auto-generates YARA rules from shared code analysis. (Commercial)
3.Stairwell - File analysis & threat intel search engine for SOC and IR teams. (Commercial)
4.Stairwell Variant Discovery - Expands a single malware hash into full family visibility via structural analysis. (Commercial)
5.Signature-Base - YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs. (Free)
Compare all LOKI alternatives at https://cybersectools.com/alternatives/loki
LOKI is for security teams and organizations that need IOC, YARA. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations
Have more questions? Browse our categories or search for specific tools.
