0xmachos / apps-behaving-badlyView external linksLinks
List of legitimate macOS apps doing not great things
☆35Feb 11, 2022Updated 4 years ago
Alternatives and similar repositories for apps-behaving-badly
Users that are interested in apps-behaving-badly are comparing it to the libraries listed below
Sorting:
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Framework to Build Stepped Wizards in SwiftUI☆24May 12, 2022Updated 3 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆40Jul 27, 2021Updated 4 years ago
- Payload designed for targeting Jamf enrolled devices.☆39May 19, 2023Updated 2 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆44Oct 29, 2024Updated last year
- Enumerate Location Services using CoreLocation API on macOS☆18Dec 2, 2021Updated 4 years ago
- An iOS app for Jamf Pro Cloud Server☆11May 27, 2021Updated 4 years ago
- Swift-based fuzzing tools☆21May 22, 2023Updated 2 years ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆92Nov 14, 2025Updated 3 months ago
- Track Apple software update changes with Github Actions☆27Feb 11, 2022Updated 4 years ago
- Provides an easy way to collect and send Slack access & integration logs.☆13Oct 19, 2021Updated 4 years ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆44Oct 31, 2020Updated 5 years ago
- Discover which process execute a hunted binary inside macOS☆27Dec 15, 2021Updated 4 years ago
- Mythic Developer Series: Workshop Golang Agent☆26Jun 27, 2023Updated 2 years ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆98Sep 14, 2022Updated 3 years ago
- A python script to authenticate with the Jamf Pro API☆11Jun 23, 2022Updated 3 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 3 years ago
- CoreFollowUp phishing attack on macOS☆15Mar 15, 2022Updated 3 years ago
- ☆17Sep 10, 2021Updated 4 years ago
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆48Apr 15, 2021Updated 4 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- Swift code to programmatically perform dylib injection☆52Oct 29, 2022Updated 3 years ago
- A library to parse macOS LoginItems☆18Aug 28, 2022Updated 3 years ago
- Parser fo macOS/iOS FSEvents Logs☆43May 6, 2024Updated last year
- Various scripts for macOS tasks☆141Nov 24, 2025Updated 2 months ago
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- ☆15May 26, 2021Updated 4 years ago
- Collection of scripts to help manage macOS☆15Dec 2, 2020Updated 5 years ago
- Script to Install or Update a macOS Application Inside a DMG.☆18Jun 11, 2020Updated 5 years ago
- Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…☆18Nov 3, 2021Updated 4 years ago
- An Ubuntu 18.04 box for Mythic C2 framework development☆17Jun 17, 2022Updated 3 years ago
- Dotfiles and scripts to configure macOS the way I like it. Caveat emptor 😉🔥☆37Feb 7, 2026Updated last week
- ☆187Apr 26, 2021Updated 4 years ago
- ☆19Aug 4, 2021Updated 4 years ago
- A CLI tool for leveraging IDP signing keys to impersonate users and groups☆19Apr 1, 2021Updated 4 years ago
- JSS config migration script via API☆17Jul 19, 2023Updated 2 years ago
- A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface☆17Jan 10, 2020Updated 6 years ago