D00MFist / PersistentJXA
Collection of macOS persistence methods and miscellaneous tools in JXA
☆271Updated last year
Alternatives and similar repositories for PersistentJXA:
Users that are interested in PersistentJXA are comparing it to the libraries listed below
- macOS Initial Access Payload Generator☆304Updated last year
- macOS Offensive Tools☆265Updated last year
- Tracking of offensive macOS tooling, blogs, and related helpful information☆163Updated 4 months ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆329Updated 2 years ago
- Objective-C library and console to interact with Heimdal APIs for macOS Kerberos☆146Updated last year
- macOS persistence tool☆222Updated 3 years ago
- Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.☆106Updated 2 years ago
- ☆97Updated 4 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆120Updated 4 years ago
- Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies☆166Updated 2 years ago
- Swift 5 macOS agent☆102Updated 8 months ago
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…☆456Updated 3 months ago
- JavaScript for Automation (JXA) tool to do Active Directory enumeration.☆101Updated 3 years ago
- JXA situational awareness helper by simply reading specific files on a filesystem☆76Updated 3 years ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆96Updated 2 years ago
- JavaScript for Automation (JXA) macOS agent☆73Updated last month
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆38Updated 2 years ago
- easy-to-use payload hosting☆269Updated 2 years ago
- ☆189Updated 2 years ago
- Execute MachO binaries in memory using CGo☆80Updated 3 years ago
- Neutering Sysmon via driver unload☆227Updated 2 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆78Updated 2 years ago
- ☆259Updated last year
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆255Updated 3 years ago
- Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.☆225Updated 5 years ago
- Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.☆253Updated 3 years ago
- Presentation material presented by Outflank team members at public events.☆185Updated 3 months ago
- A sample of proof of concept scripts that run Calc.exe with full source code.☆95Updated 6 months ago
- Payload designed for targeting Jamf enrolled devices.☆37Updated last year
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆322Updated last year