macOS persistence tool
☆229Feb 9, 2022Updated 4 years ago
Alternatives and similar repositories for PoisonApple
Users that are interested in PoisonApple are comparing it to the libraries listed below
Sorting:
- Collection of macOS persistence methods and miscellaneous tools in JXA☆288Aug 3, 2023Updated 2 years ago
- macOS Initial Access Payload Generator☆323Jan 10, 2024Updated 2 years ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆340Apr 28, 2022Updated 3 years ago
- ☆15May 26, 2021Updated 4 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆82Oct 10, 2022Updated 3 years ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆44Oct 31, 2020Updated 5 years ago
- ☆108Oct 14, 2021Updated 4 years ago
- Proxy Unix applications in the terminal☆116Apr 14, 2021Updated 4 years ago
- ☆121Jun 17, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Payload designed for targeting Jamf enrolled devices.☆39May 19, 2023Updated 2 years ago
- Self-developed tools for Lateral Movement/Code Execution☆718Aug 17, 2021Updated 4 years ago
- Overlord - Red Teaming Infrastructure Automation☆627May 28, 2024Updated last year
- Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.☆58Sep 2, 2021Updated 4 years ago
- Example VBA Macro for MacOS Mojave☆67Oct 31, 2018Updated 7 years ago
- JXA situational awareness helper by simply reading specific files on a filesystem☆82Feb 17, 2026Updated last week
- PCIDriverKit proof-of-concept for CVE-2022-26763☆37Jul 2, 2022Updated 3 years ago
- Router socks. One port socks for all the others.☆69May 22, 2024Updated last year
- Execute MachO binaries in memory using CGo☆79May 24, 2021Updated 4 years ago
- Pass the Hash to a named pipe for token Impersonation☆146May 1, 2021Updated 4 years ago
- Swift code to programmatically perform dylib injection☆52Oct 29, 2022Updated 3 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆40Jul 27, 2021Updated 4 years ago
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 4 years ago
- ☆576Jul 12, 2025Updated 7 months ago
- Zoom Persistence Aggressor and Handler☆55Mar 24, 2021Updated 4 years ago
- d(ockerp)wn - a docker pwn tool manager☆156Jun 8, 2021Updated 4 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- Tracking of offensive macOS tooling, blogs, and related helpful information☆192Nov 18, 2024Updated last year
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- A C2 post-exploitation framework☆482Jan 24, 2024Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆23Dec 11, 2023Updated 2 years ago
- An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Opt…☆220Aug 23, 2022Updated 3 years ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆189Feb 10, 2021Updated 5 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Aug 6, 2020Updated 5 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,727Jan 16, 2026Updated last month
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆40Apr 20, 2022Updated 3 years ago
- A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2☆139Jan 5, 2023Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago