THOR Lite is a free, fast, and flexible multi-platform IOC and YARA scanner that includes file system and process scan modules, extracts 'autoruns' information, and supports custom IOCs and signatures. It offers various output formats, scan throttling, and is available for Windows, Linux, and macOS. The scanner is written in Go, pre-compiled for all major platforms, and includes an encrypted open-source signature base. It allows for custom encrypted signatures and has improved performance compared to LOKI. THOR Lite is a limited version of the enterprise scanner THOR, offered for free with a newsletter subscription.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
Cortex XDR is a comprehensive endpoint security solution that blocks advanced attacks with behavioral threat protection, AI, and cloud-based analysis, and provides complete endpoint security and lightning-fast investigation and response.
CrowdStrike Falcon is a unified cybersecurity platform providing complete protection through its AI-native XDR platform.
A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.