LOKI

Free

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection. It is based on four detection methods:

1. File Name IOC: Regex match on full file path/name.
2. Yara Rule Check: Yara signature match on file data and process memory.
3. Hash Check: Compares known malicious hashes (MD5, SHA1, SHA256) with scanned files.
4. C2 Back Connect Check: Compares process connection endpoints with C2 IOCs.

ALTERNATIVES

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring.

Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.

TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.

A modular malware collection and processing framework with support for various threat intelligence feeds.

Free software that calculates the security ranking of Internet Service Providers to detect malicious activities.

A threat intelligence domain/IP/hash threat feeds checker that checks IPVoid, URLVoid, Virustotal, and Cymon.
