Loki

Loki copied to clipboard

Add YARA repositories manually

2

Would be nice if this could be included. I guess I could just update the UPDATE_URL_SIGS with the URLs (?), but a command would be nice.

zaqes

(Feature) MD5/SHA1/SHA256 whitelist for false alarm files

1

I observed that the excluding config can whitelist certain folders/files but I wonder how to whitelist the MD5/SHA1/SHA256 instead of the file? This could be very useful for web server...

windhamwong

[ERROR] Error while initializing Yara rule yara_mixed_ext_vars.yar ERROR: line 547: syntax error Traceback (most recent call last): File "loki.py", line 1136, in initialize_yara_rules compiledRules = yara.compile(source=yara_rule_data, externals={ yara.SyntaxError: line 547:...

BirzhanTazhibayev

[ERROR] Error while initializing Yara rule thor_inverse_matches.yar ERROR: line 554: syntax error Traceback (most recent call last): File "loki.py", line 1136, in initialize_yara_rules compiledRules = yara.compile(source=yara_rule_data, externals={ yara.SyntaxError: line 554:...

BirzhanTazhibayev

Loki triggers als false warning withe the file C:\Program Files\DigiDNA\iMazing\manifests\com.apple.declarations.plist which is part of the iMazing software. VirusTotal.com checked it and it seems clean.

ThalionD

\loki_0.51.0\loki\signature-base\yara\gen_mal_scripts.yar is infected with Generic.Bat.Downloader.1.DDAD1A80 So false positive, or?

CorporallClegg