Omar-Ikram / EndpointSecurityDemo

Related projects ⓘ

Alternatives and complementary repositories for EndpointSecurityDemo

• willyu-elastic / SimpleEndpoint
  Sample code for macOS Extensions Part 3
  ☆24Updated 4 years ago
• knightsc / Tracer
  macOS application that makes use of the EndpointSecurity framework
  ☆18Updated 5 years ago
• Alkenso / sEndpointSecurity
  ☆11Updated 5 months ago
• securing / SimpleXPCApp
  Secure example of an XPC helper written in Swift
  ☆100Updated 4 years ago
• objective-see / DNSMonitor
  A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework
  ☆167Updated 3 months ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆82Updated 6 months ago
• ConradSun / NuwaStone
  A macOS behavior audit / event monitoring system with scope of file, process and network events (based on Endpoint Security Framework).
  ☆43Updated 5 months ago
• brenwell / EvenBetterAuthorizationSample
  Apple's EvenBetterAuthorization Sample Project
  ☆43Updated 4 years ago
• cedowens / EntitlementCheck
  Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…
  ☆91Updated 2 years ago
• knightsc / EndpointSecurity
  A module to expose the Endpoint Security library to Swift
  ☆20Updated 5 years ago
• objective-see / FileMonitor
  File Monitor Library (based on Apple's new Endpoint Security Framework)
  ☆328Updated 2 years ago
• theevilbit / Shield
  An app to protect against process injection and suspicious file links on macOS
  ☆218Updated 3 years ago
• rodionovd / RDProcess
  Re-implementation of NSProcessInfo+NSRunningApplication with all missed stuff (incl. Sandbox information and other things)
  ☆37Updated 5 years ago
• olbartek / MachOReader
  Mach-O file format reader, written entirely in Swift
  ☆11Updated 4 years ago
• SentineLabs / aevt_decompile
  This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…
  ☆64Updated 3 years ago
• aronskaya / smjobbless
  A showcase for launching Privileged Helper via SMJobBless() and communicating with it using XPC.
  ☆91Updated 2 years ago
• objective-see / DylibHijackScanner
  Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.
  ☆81Updated last year
• PhorionTech / Kronos
  Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…
  ☆71Updated last year
• trilemma-dev / SecureXPC
  A simple and secure XPC framework for Swift
  ☆78Updated last year
• slyd0g / SwiftParseTCC
  Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
  ☆38Updated 3 years ago
• Trinity2019 / SimplePcap
  A simple demonstration of the macOS Network Extension
  ☆15Updated 3 years ago
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆245Updated 3 months ago
• gyunaev / macprocmon
  MacOS X process monitor using EndpointSecurity extension.
  ☆33Updated 3 years ago
• vastlimits / esmat
  macOS Endpoint Security Message Analysis Tool
  ☆44Updated 2 years ago
• objective-see / fromAppStore
  checks if an application is pristine (untampered) and from the official Mac App Store
  ☆70Updated 3 years ago
• objective-see / KextViewr
  View all modules on that are loaded in the OS kernel
  ☆67Updated last year
• google / macops-molcertificate
  Objective-C wrapper around SecCertificateRef
  ☆37Updated 7 months ago
• puffyCid / macos-fseventsd
  A library to parse macOS FsEvents
  ☆18Updated 2 years ago
• WithSecureLabs / ESFang
  ESF modular ingestion tool for development and research.
  ☆34Updated 2 years ago
• jslegendre / MachXPC
  Bidirectional XPC between two (or more) processes without a MachService daemon
  ☆52Updated 2 years ago