CyborgSecurity/PoisonApple external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CyborgSecurity/PoisonApple

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CyborgSecurity/PoisonApple)

Close

CyborgSecurity / PoisonAppleView on GitHubMore

• External links
• Readme badge

macOS persistence tool

☆227Feb 9, 2022Updated 4 years ago

Alternatives and similar repositories for PoisonApple

Users that are interested in PoisonApple are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• D00MFist / PersistentJXA

  View on GitHub
  Collection of macOS persistence methods and miscellaneous tools in JXA
  ☆292Mar 26, 2026Updated last month
• MythicAgents / typhon

  View on GitHub
  Payload designed for targeting Jamf enrolled devices.
  ☆40May 19, 2023Updated 2 years ago
• its-a-feature / LockSmith

  View on GitHub
  ObjectiveC CLI tool for interacting with macOS Keychain
  ☆84Oct 10, 2022Updated 3 years ago
• cedowens / SwiftBelt

  View on GitHub
  A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
  ☆342Apr 28, 2022Updated 4 years ago
• FSecureLABS / CalendarPersist

  View on GitHub
  JXA script to allow programmatic persistence via macOS Calendar.app alerts.
  ☆44Oct 31, 2020Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• D00MFist / Mystikal

  View on GitHub
  macOS Initial Access Payload Generator
  ☆323Jan 10, 2024Updated 2 years ago
• slyd0g / SwiftParseTCC

  View on GitHub
  Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
  ☆40Jul 27, 2021Updated 4 years ago
• its-a-feature / loginItemManipulator

  View on GitHub
  ☆15May 26, 2021Updated 4 years ago
• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• djhohnstein / cliProxy

  View on GitHub
  Proxy Unix applications in the terminal
  ☆116Apr 14, 2021Updated 5 years ago
• djhohnstein / macos_shell_memory

  View on GitHub
  Execute MachO binaries in memory using CGo
  ☆79May 24, 2021Updated 4 years ago
• zhuowei / PCICrash

  View on GitHub
  PCIDriverKit proof-of-concept for CVE-2022-26763
  ☆37Jul 2, 2022Updated 3 years ago
• kgoins / ldsview

  View on GitHub
  ☆109Oct 14, 2021Updated 4 years ago
• klezVirus / CheeseTools

  View on GitHub
  Self-developed tools for Lateral Movement/Code Execution
  ☆721Aug 17, 2021Updated 4 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• antman1p / GDir-Thief

  View on GitHub
  Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's API.
  ☆58Sep 2, 2021Updated 4 years ago
• qsecure-labs / overlord

  View on GitHub
  Overlord - Red Teaming Infrastructure Automation
  ☆632May 28, 2024Updated last year
• ChiChou / mistune

  View on GitHub
  Browser based rce for iOS <= 14.3
  ☆10May 26, 2025Updated 11 months ago
• its-a-feature / HealthInspector

  View on GitHub
  JXA situational awareness helper by simply reading specific files on a filesystem
  ☆82Feb 17, 2026Updated 2 months ago
• cedowens / Inject_Dylib

  View on GitHub
  Swift code to programmatically perform dylib injection
  ☆53Oct 29, 2022Updated 3 years ago
• aahmad097 / ZoomPersistence

  View on GitHub
  Zoom Persistence Aggressor and Handler
  ☆56Mar 24, 2021Updated 5 years ago
• MythicAgents / orthrus

  View on GitHub
  Uses Apple's MDM protocol to backdoor a device with a malicious profile.
  ☆57Oct 12, 2021Updated 4 years ago
• emcghee / PayloadAutomation

  View on GitHub
  ☆121Jun 17, 2022Updated 3 years ago
• nodauf / Go-RouterSocks

  View on GitHub
  Router socks. One port socks for all the others.
  ☆69May 22, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• sensepost / dwn

  View on GitHub
  d(ockerp)wn - a docker pwn tool manager
  ☆156Jun 8, 2021Updated 4 years ago
• S3cur3Th1sSh1t / NamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆145May 1, 2021Updated 4 years ago
• shellcromancer / DaysOfYARA-2023

  View on GitHub
  Rules Shared by the Community from 100 Days of YARA 2023 -
  ☆18Apr 10, 2023Updated 3 years ago
• EspressoCake / BOF_Development_Docker

  View on GitHub
  A VSCode devcontainer for development of COFF files with batteries included.
  ☆50Jul 10, 2023Updated 2 years ago
• malware-unicorn / MacOS_VBA_Macro

  View on GitHub
  Example VBA Macro for MacOS Mojave
  ☆67Oct 31, 2018Updated 7 years ago
• Accenture / jenkins-attack-framework

  View on GitHub
  ☆575Jul 12, 2025Updated 9 months ago
• aahmad097 / BadOutlook

  View on GitHub
  (kinda) Malicious Outlook Reader
  ☆138Mar 3, 2021Updated 5 years ago
• antman1p / PrintTCCdb

  View on GitHub
  JXA script for Mythic that prints the TCC.db
  ☆15Apr 18, 2021Updated 5 years ago
• bradleyjkemp / sigma-esf

  View on GitHub
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆22Jan 22, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• infosecB / LOOBins

  View on GitHub
  Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…
  ☆536Feb 25, 2026Updated 2 months ago
• ReversecLabs / C3

  View on GitHub
  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…
  ☆1,755Jan 16, 2026Updated 3 months ago
• phra / x0rro

  View on GitHub
  A PE/ELF/MachO Crypter for x86 and x86_64 Based on Radare2
  ☆139Jan 5, 2023Updated 3 years ago
• cedowens / Persistent-Swift

  View on GitHub
  A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
  ☆34Apr 15, 2021Updated 5 years ago
• grines / s3c2

  View on GitHub
  ☆18Sep 10, 2021Updated 4 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆993Oct 7, 2022Updated 3 years ago