THOR is a portable scanner for attacker tools and activity on suspicious or compromised server systems.
Recent updates
- Using the Most Up-to-Date "SigDev" Signatures for THOR Scans
- contributed about 2 hours ago
- Steps to Check Signatures, Search the VALHALLA Database and Scan for Specific Threats
- contributed Feb 27, 2026
- THOR Scan Error: No rules with DEEPSCAN tag found
- contributed Feb 27, 2026
- THOR in Lab-Mode does not scan network or external drives
- contributed Feb 25, 2026
- Automating THOR Scans on macOS
- contributed Feb 23, 2026
Resources
-
Changelog (Current Version: 10.7.28)