Overall rating: 6.7

Stars: 3445

Contributors: 35

Loki is a powerful and efficient malware and indicator of compromise (IOC) scanner designed to detect and analyze signs of malicious activity on Windows systems. Utilizing a variety of scanning techniques, Loki aims to identify potentially harmful files, processes, and registry entries that may indicate a compromised system. It is particularly useful for incident response and forensic analysis, providing detailed reports of its findings to assist security professionals in mitigating threats.

Key Features

  • Signature-Based Scanning: Uses YARA rules and IOC files to identify malware.
  • Hash-Based Detection: Checks file hashes against known malicious hashes.
  • String Search: Scans files and processes for suspicious strings.
  • Process Memory Analysis: Analyzes process memory for anomalies.
  • Registry Scanning: Inspects registry entries for signs of compromise.
  • File Reputation Check: Verifies file reputation using external services.
  • Detailed Reporting: Generates comprehensive reports of scan results.
  • Cross-Platform: Primarily designed for Windows but can be used on other platforms with limitations.

Activity

Last update: Jan 13, 2025

  • Commits (last week): 0
  • Resolved issues (last week): 0
  • Merged PRs (last week): 0

Maturity

Last update: Jan 18, 2025

  • Age: 10 years 2 days
  • Stability: BETA

Information

Funding

In-house OSS project

Programming languages

Python
Java
Batchfile

Tags

otx
python
dfir
antivirus
ioc
scanner
hash
yara
signature
yara-rules