LOKI

Free

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection. It is based on four detection methods:

1. File Name IOC: Regex match on full file path/name.
2. Yara Rule Check: Yara signature match on file data and process memory.
3. Hash Check: Compares known malicious hashes (MD5, SHA1, SHA256) with scanned files.
4. C2 Back Connect Check: Compares process connection endpoints with C2 IOCs.

ALTERNATIVES

Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.

Proof-of-concept implementation of TAXII services for developers and non-developers.

BotScout.com provides proactive bot detection, screening, and banning through a powerful API.

C# wrapper around Yara pattern matching library with Loki and Yara signature support.

Scan files with Yara, match findings to VirusTotal comments.

PowerShell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.

A modular malware collection and processing framework with support for various threat intelligence feeds.

CRITs is an open source malware and threat repository for collaborative threat defense and analysis.