Loki Overview
Loki is a stage-1 command and control (C2) framework developed for red team operations, specifically designed for script-jacking vulnerable Electron applications.
Key Features
- Backdooring & Hollowing: Enables the backdooring of signed Electron apps without invalidating their code signing signatures.
- Evasion Techniques: Leverages trusted, signed Electron apps to evade security software and application controls.
- Easy Integration: All agent commands are written in native Node.js, requiring no additional dependencies.
- User-Friendly GUI: A simplified GUI client for configuring and monitoring the Loki framework.
- Future-Ready: Continues to evolve with upcoming features and tools for security testing.
Benefits
- Robust Security Testing: Ideal for red team operations to test the security of Electron applications.
- Stealthy Operations: Maintains the normal functioning of the backdoored application while executing Loki commands.
- Detailed Instructions: Comprehensive guides for installation, configuration, and operation, making it easier for security professionals to deploy.
Highlights
- Developed specifically for exploiting Electron applications, the technique MITRE ATT&CK tracks as T1218.015.
- Contains tutorials and videos for practical demonstrations and setups.
- Open-source project contributing to the broader community of penetration testing and security research.
License
Licensed under the Business Source License 1.1, with non-commercial use permitted and a future transition to Apache 2.0 in April 2030.