Skip to content

alph4w0lf/LokiX

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits

source

source

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

lokix-banner.png

lokix-banner.png

 
 

screenshots-demo.gif

screenshots-demo.gif

 
 

screenshots-download.gif

screenshots-download.gif

 
 

screenshots-execute.gif

screenshots-execute.gif

 
 

screenshots-update.gif

screenshots-update.gif

 
 

Repository files navigation

LokiX Platform

LokiX Platform is a free open-source solution to help blue teams and threat hunters use "Loki IOC Scanner" to sweep enterprise networks.

Features

  • Sweep thousands of endpoints concurrently.
  • Silent execution.
  • Agent deletes itself after completing its sweep.
  • Centralized storage for Loki scan results.
  • Centralized dashboard to track scans and view scan results.
  • Loki update through the platform.
  • Auto-highlight of key elements of the scan results.
  • IP Spoofing Protection.
  • Agent Exception handling and error reporting.

Supported Systems

Currently Supported

  • Windows Vista (Need to install .NET Framework version 4.5)
  • Windows Server 2008 (Need to install .NET Framework version 4.5)
  • Windows 7
  • Windows 8
  • Windows 10
  • Windows Server 2012
  • Windows Server 2016
  • Windows Server 2019

Planned Support (Not available yet)

  • Linux Operating Systems
  • MacOS

Installation Steps

STEP1: Import LokiX OVA

Download LokiX OVA File: https://github.com/alph4w0lf/LokiX/releases/tag/v1.0

Extract the 7z compressed file contents (Linux):

7z e lokix-virtual-server.7z

Then import it into your favourite virtualization solution.

STEP2: Configure a Static IP Address (Optional)

Login to LokiX system command line using the OS/SSH Default Credentials:

Username: lokix
Password: lokix

Then, follow the instructions for setting a STATIC IP on "Ubuntu Server" in this link: https://linuxconfig.org/how-to-configure-static-ip-address-on-ubuntu-20-04-focal-fossa-desktop-server Then, perform the following instructions to update the backend configurations with the new IP address:

cd /var/www/backend
sudo php artisan config:cache

STEP3: Firewall Rules (Optional)

SOURCE IP                   DESTINATION IP                      PORT                                          REASON
---------------             --------------------                -----------------                             --------------------------
[SCANNED_ENDPOINTS]         [LOKIX_PLATFORM_IP]                 443/tcp (HTTPS)                               For agent<=>platform communication
[LOKIX_PLATFORM_IP]         [INTERNET]                          443/tcp (HTTPS), 53/tcp (DNS)                 For Loki signature updates

STEP4: Antivirus White-listing (Optional)

Type                        Value
--------------              -------------------
FOLDER                      %USERPROFILE%\AppData\Local\Temp\lokix\*
PROCESS                     agent.exe
PROCESS                     loki.exe

Usage Guide

Platform Admin Panel Access

  • Access the platform through the Web Browser:
https://PLATFORM_IP_ADDRESS/
  • Default Credentials:
Username: admin@lokix.local
Password: password

Updating Loki and its Signatures

Download and Execute the Agent on the Systems that needs to be sweeped

Download LokiX Agent:

Execute LokiX Agent:

Demo

Inner Workings

LokiX Back-end

  • PHP Laravel Framework (Web API)
  • Python (Agent Upgrade Script)
  • MySQL DBMS

LokiX Front-end

LokiX Agent

About

Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks

Resources

Readme

License

GPL-3.0 license
Activity

Stars

24 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases 1

LokiX Platform OVA v1.0 Latest
Aug 7, 2020

Packages

No packages published

Languages