- Course
File Analysis with LOKI
LOKI is an open-source Indicator of Compromise (IOC) scanner utilizing YARA rules with complex sets of characteristics, file hashes, and patterns for malware identification and classification. It includes a predefined rule set and allows user additions.
Intermediate
- Course
File Analysis with LOKI
LOKI is an open-source Indicator of Compromise (IOC) scanner utilizing YARA rules with complex sets of characteristics, file hashes, and patterns for malware identification and classification. It includes a predefined rule set and allows user additions.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
Detecting malware is crucial because it is the first step in safeguarding sensitive information and maintaining system integrity, and plays a critical role in preventing potential disruptions, loss of data, and breaches in privacy, all of which are essential in today's digitally interconnected world. In this course, File Analysis with LOKI, you’ll learn how to utilize LOKI Simple IOC scanner to scan files and potentially discover indicators of compromise to help safeguard your network. First, you’ll discuss what LOKI Simple IOC scanner is and what features it has. Next, you'll use it to scan a couple sample files to see how effective LOKI is in detecting indicators of compromise. Finally, you'll explore how to add newly discovered IOCs from malware analysis triage in any run. When you’re finished with this course, you’ll have the skills and knowledge to run LOKI Simple IOC scanner against files to detect indicators of compromise and add additional IOCs in order to detect potential adversarial activity and reduce security gaps.
File Analysis with LOKI
Intermediate
Table of contents
Brian Dorr is a cybersecurity professional who is very passionate about information security and teaching. Brian has served just under 20 years on Active Duty in the Army and is currently serving as a Cyber Warfare Technician who is a technical advisor and serves as a Defensive Cyber Infrastructure support for 12 teams who rely on him for his technical expertise. He also teaches and mentors cyber security students at Agusta Technical College as an Adjunct Cyber Security Instructor. Brian has led and managed several Defensive Cyber Operation missions to include planning and interfacing with several customers to employ an effective threat focused hunt mission by leverage threat intelligence, hardware resources, personnel talent to align with organizational requirements. Brian continues to frequently contribute to the information security community through his LinkedIn and hosts a website at https://lockeddorrsecurity.com and a blog on medium at https://medium.com/@LDS_Cyber. He currently holds ITIL, CEH, GSEC and has previously held Linux +, Cisco's CCNA Security and CCNA Route and Switch. He has attended several training bootcamps that involved various SANS courses, CompTIA, CISSP, CISM and many others during the course of his career. He also manages two network campuses for the church he attends. During down time, he likes to tinker around in his home lab, ride a motorcycle, spend time with his family, volunteer at his church in student ministry, and lastly, video games.