
LOKI

Free

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection. It is based on four detection methods:

1. File Name IOC: Regex match on full file path/name.
2. Yara Rule Check: Yara signature match on file data and process memory.
3. Hash Check: Compares known malicious hashes (MD5, SHA1, SHA256) with scanned files.
4. C2 Back Connect Check: Compares process connection endpoints with C2 IOCs.


ALTERNATIVES

Tools to export data from MISP MySQL database for post-incident analysis and correlation.

A threat intelligence and vulnerability monitoring platform that aggregates security alerts from trusted sources and provides customizable monitoring and notification capabilities.

RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.

Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.

A library of Amazon S3 attack scenarios with mitigation strategies.

Automatically create YARA rules based on images embedded in Office documents.

Check the reputation of an IP address to identify potential threats.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.