Alternatives and similar repositories for Loki-RS

Users that are interested in Loki-RS are comparing it to the libraries listed below

• NextronSystems / evtx-baseline

  View on GitHub
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Dec 17, 2025Updated last month
• SigmaHQ / sigma-cli

  View on GitHub
  The Sigma command line interface based on pySigma
  ☆176Feb 5, 2026Updated last week
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,715Jan 12, 2026Updated last month
• ruppde / yara_rules

  View on GitHub
  Yara rules
  ☆22Mar 27, 2023Updated 2 years ago
• JPCERTCC / jpcert-yara

  View on GitHub
  JPCERT/CC public YARA rules repository
  ☆110Nov 14, 2025Updated 3 months ago
• Hexastrike / LockBit-Database-Leak-2025

  View on GitHub
  Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.
  ☆28May 8, 2025Updated 9 months ago
• AlionGreen / BasicLDR

  View on GitHub
  BasicLDR: A Reflective DLL Loader
  ☆14Jun 11, 2024Updated last year
• The-DFIR-Report / cyberchef-recipes

  View on GitHub
  ☆21May 8, 2022Updated 3 years ago
• tsale / Sigma_rules

  View on GitHub
  Sigma rules to share with the community
  ☆124Jan 29, 2025Updated last year
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• FullTang / AndroidPWList

  View on GitHub
  A password list optimized for use on Android devices.
  ☆11Jul 2, 2022Updated 3 years ago
• williamskosasi / Wielview

  View on GitHub
  An open-source computer forensics tool that can display summary as the result of Windows Event Log analysis based on the chosen function(…
  ☆11Feb 2, 2023Updated 3 years ago
• NextronSystems / iocs

  View on GitHub
  Indicators of compromise from to analysis and research by Nextron Threat Research team
  ☆12Sep 17, 2025Updated 4 months ago
• Whee30 / Case-Management-script

  View on GitHub
  A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…
  ☆11Jun 19, 2025Updated 7 months ago
• avast / yari

  View on GitHub
  YARI is an interactive debugger for YARA Language.
  ☆90Sep 10, 2025Updated 5 months ago
• Neo23x0 / YARA-Performance-Guidelines

  View on GitHub
  A guide on how to write fast and memory friendly YARA rules
  ☆164Feb 11, 2025Updated last year
• MrAle98 / Sliver-PortBender

  View on GitHub
  Sliver extension performing TCP redirection tasks without performing cross-process injection.
  ☆68Jan 14, 2025Updated last year
• dfir-dd / dionysos

  View on GitHub
  Scanner for certain IoCs
  ☆11Jan 29, 2025Updated last year
• aaronkaplan / openai-cti-summarizer

  View on GitHub
  Summarize CTI reports with OpenAI
  ☆17Feb 2, 2026Updated last week
• KickedDroid / bof_oxide

  View on GitHub
  A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.
  ☆74Aug 24, 2025Updated 5 months ago
• Yamato-Security / hayabusa

  View on GitHub
  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
  ☆3,014Feb 4, 2026Updated last week
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆149Updated this week
• mdecrevoisier / SIGMA-detection-rules

  View on GitHub
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆412Nov 8, 2025Updated 3 months ago
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 3 months ago
• MHaggis / SequelEyes

  View on GitHub
  SQL, IIS, Oh My...
  ☆22Feb 24, 2025Updated 11 months ago
• Yamato-Security / hayabusa-sample-evtx

  View on GitHub
  Sample evtx files to use for testing hayabusa detection rules
  ☆64Nov 5, 2025Updated 3 months ago
• kozmer / silentpulse

  View on GitHub
  single-threaded event driven sleep obfuscation poc for linux
  ☆37Jun 14, 2025Updated 8 months ago
• Neo23x0 / Fenrir

  View on GitHub
  Simple Bash IOC Scanner
  ☆773Feb 12, 2022Updated 4 years ago
• Yamato-Security / EnableWindowsLogSettings

  View on GitHub
  Documentation and scripts to properly enable Windows event logs.
  ☆671Oct 3, 2025Updated 4 months ago
• mthcht / ThreatHunting-Keywords-yara-rules

  View on GitHub
  yara detection rules for hunting with the threathunting-keywords project
  ☆157May 11, 2025Updated 9 months ago
• marirs / capa-rs

  View on GitHub
  File Capability Extractor
  ☆14Jul 12, 2025Updated 7 months ago
• MISP / misp-guard

  View on GitHub
  misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…
  ☆18Jan 9, 2026Updated last month
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• AndrewRathbun / DFIRPowerShellScripts

  View on GitHub
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆51Jan 9, 2026Updated last month
• PenetrumLLC / Malcore-Playbook

  View on GitHub
  Modular framework for automating triaging, malware analysis, and analyst workflows
  ☆44May 2, 2025Updated 9 months ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆778Feb 6, 2026Updated last week
• Neo23x0 / panopticon

  View on GitHub
  A YARA Rule Performance Measurement Tool
  ☆61Feb 26, 2024Updated last year
• Neo23x0 / YARA-Style-Guide

  View on GitHub
  A specification and style guide for YARA rules
  ☆66Feb 17, 2024Updated last year
• VirusTotal / yara-x

  View on GitHub
  A rewrite of YARA in Rust.
  ☆1,031Updated this week