THOR Lite is a free, fast, and flexible multi-platform IOC and YARA scanner that includes file system and process scan modules, extracts 'autoruns' information, and supports custom IOCs and signatures. It offers various output formats, scan throttling, and is available for Windows, Linux, and macOS. The scanner is written in Go, pre-compiled for all major platforms, and includes an encrypted open-source signature base. It allows for custom encrypted signatures and has improved performance compared to LOKI. THOR Lite is a limited version of the enterprise scanner THOR, offered for free with a newsletter subscription.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Endpoint security solution for businesses with advanced threat protection and management
Unified defense platform providing endpoint protection, extended detection and response, threat hunting, and digital forensics and incident response.
Toolkit for building custom minimal, immutable Linux distributions with secure defaults.
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
A modern tool for Windows kernel exploration and observability with a focus on security.
Monitor WMI consumers and processes for potential malicious activity
Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.
A Python library for loading and executing Beacon Object Files (BOFs) in-memory.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.