Loki

Node.js Command & Control framework for script-jacking vulnerable Electron applications.

Introduction

Loki Overview

Loki is a stage-1 command and control (C2) framework developed for red team operations, specifically designed for script-jacking vulnerable Electron applications.

Key Features
  • Backdooring & Hollowing: Enables the backdooring of signed Electron apps without invalidating their code signing signatures.
  • Evasion Techniques: Leverages trusted, signed Electron apps to evade security software and application controls.
  • Easy Integration: All agent commands are written in native Node.js, requiring no additional dependencies.
  • User-Friendly GUI: A simplified GUI client for configuring and monitoring the Loki framework.
  • Future-Ready: Continues to evolve with upcoming features and tools for security testing.

Benefits
  • Robust Security Testing: Ideal for red team operations to test the security of Electron applications.
  • Stealthy Operations: Maintains the normal functioning of the backdoored application while executing Loki commands.
  • Detailed Instructions: Comprehensive guides for installation, configuration, and operation, making it easier for security professionals to deploy.

Highlights
  • Developed specifically for exploiting Electron applications, a technique tracked as MITRE ATT&CK T1218.015.
  • Contains tutorials and videos for practical demonstrations and setups.
  • Open-source project contributing to the broader community of penetration testing and security research.

License

Licensed under the Business Source License 1.1, with non-commercial use permitted and a future transition to Apache 2.0 in April 2030.
