Odin is a central IoC scanner based on Loki.
This application Loki latest version and download it on all machines using a powershell script and run it then this app receives the respose from all machines and parse the feed in CSV form.
Odin download and extract the latest version on Loki and start HTTP server to deliver the executable (Loki) to all machines.
This step has ti be done manually using powershell script on a DC machine or suing domain admin account which the script deliver loki to all machines and start updating. The script is in Configurations tab and you can modiy the scipt as needed.
Start the listener then from the powershell script start Loki to search for IoCs and results will be sent from Loki to Odin
Collected logs will be parsed and can be exported as CSV file to be handled with something else like ELK.
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…