WithSecureLabs/ESFang external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

WithSecureLabs/ESFang

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/WithSecureLabs/ESFang)

Close

WithSecureLabs / ESFangView on GitHubMore

• External links
• Readme badge

ESF modular ingestion tool for development and research.

☆37Dec 21, 2021Updated 4 years ago

Alternatives and similar repositories for ESFang

Users that are interested in ESFang are comparing it to the libraries listed below

• cedowens / JXA-Runner

  View on GitHub
  Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
  ☆23Apr 22, 2021Updated 4 years ago
• Omar-Ikram / EndpointSecurityDemo

  View on GitHub
  This is a complete Xcode project of the Endpoint Security Demo gist: https://gist.github.com/Omar-Ikram/8e6721d8e83a3da69b31d4c2612a68ba
  ☆20Jan 5, 2025Updated last year
• bradleyjkemp / sigma-esf

  View on GitHub
  Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework
  ☆22Jan 22, 2021Updated 5 years ago
• asaurusrex / MachoBins

  View on GitHub
  ☆15Jul 20, 2022Updated 3 years ago
• NMan1 / csgo-legit-cheat

  View on GitHub
  Simple legit cheat
  ☆12May 16, 2021Updated 4 years ago
• avalon1610 / SFirewall

  View on GitHub
  ☆12Oct 20, 2016Updated 9 years ago
• BatteryCandy / osquery-splunk-dashboards

  View on GitHub
  Collection of operational focused osquery dashboards.
  ☆11Jan 20, 2021Updated 5 years ago
• StrangerealIntel / DeltaFlare

  View on GitHub
  ☆12Jun 29, 2021Updated 4 years ago
• ka7ana / CVE-2023-36025

  View on GitHub
  Quick test for CVE-2023-26025 behaviours
  ☆13Nov 29, 2023Updated 2 years ago
• abros0000 / Fortnite-Codes-Generator

  View on GitHub
  An automatic Bot that generates and checks Fortnite gift codes.
  ☆10Jan 9, 2021Updated 5 years ago
• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• coomed / skrrt-rust-external

  View on GitHub
  ☆10Aug 26, 2021Updated 4 years ago
• gyunaev / macprocmon

  View on GitHub
  MacOS X process monitor using EndpointSecurity extension.
  ☆37Sep 29, 2025Updated 4 months ago
• theevilbit / macos

  View on GitHub
  ☆33Jun 12, 2024Updated last year
• rderik / XPCSquirrel

  View on GitHub
  Code on how to build a macOS app that includes an XPC Service
  ☆33Oct 18, 2019Updated 6 years ago
• its-a-feature / loginItemManipulator

  View on GitHub
  ☆15May 26, 2021Updated 4 years ago
• antman1p / PrintTCCdb

  View on GitHub
  JXA script for Mythic that prints the TCC.db
  ☆15Apr 18, 2021Updated 4 years ago
• JakeDahl / Osu-Bypass

  View on GitHub
  Circumvents HWID bans on the rhythm game osu
  ☆12Aug 4, 2019Updated 6 years ago
• cedowens / Spotlight-Enum-Kit

  View on GitHub
  JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.
  ☆40Apr 20, 2022Updated 3 years ago
• its-a-feature / Orchard

  View on GitHub
  JavaScript for Automation (JXA) tool to do Active Directory enumeration.
  ☆107Feb 19, 2022Updated 4 years ago
• cedowens / Dylib_Runner

  View on GitHub
  Swift code to run a dylib on disk
  ☆16May 9, 2022Updated 3 years ago
• audibleblink / kh

  View on GitHub
  Keyhack - Golang API token/webhook validator
  ☆16Mar 20, 2025Updated 11 months ago
• richiercyrus / Venator-Swift

  View on GitHub
  Swift Command line tool used for proactive detection of malicious activity on macOS systems.
  ☆67Jul 1, 2020Updated 5 years ago
• 0xe7 / EventSniper

  View on GitHub
  ☆20Nov 6, 2023Updated 2 years ago
• pathtofile / SimpleAmsiProvider

  View on GitHub
  A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface
  ☆17Jan 10, 2020Updated 6 years ago
• theevilbit / DuckDockTile

  View on GitHub
  ☆17Sep 29, 2023Updated 2 years ago
• mandiant / macos-UnifiedLogs

  View on GitHub
  A cross platform parser for Apple UnifiedLogs!
  ☆330Feb 15, 2026Updated last week
• vastlimits / esmat

  View on GitHub
  macOS Endpoint Security Message Analysis Tool
  ☆47Jan 31, 2022Updated 4 years ago
• axelexic / CSOps

  View on GitHub
  Utility to manipulate codesigned application in Mac OS X. Demonstrate the use of csops system call.
  ☆83Mar 21, 2024Updated last year
• idnahacks / NetCeasePlusPlus

  View on GitHub
  Takes the original idea of NetCease and adds functionality
  ☆24Feb 6, 2022Updated 4 years ago
• android1337 / FortniteSelfLeak2

  View on GitHub
  ☆15Jan 25, 2022Updated 4 years ago
• audibleblink / xordump

  View on GitHub
  ☆18Aug 15, 2021Updated 4 years ago
• rushzzz-max / external

  View on GitHub
  Had this laying around on my Disk
  ☆16Oct 27, 2022Updated 3 years ago
• mhaskar / Octopus-C2-RedTeam-infrastructure-automation

  View on GitHub
  ☆22May 29, 2020Updated 5 years ago
• masterpastaa / BattlEye-Handler-BYPASS

  View on GitHub
  Simple handler for bypass battleye in 5 seconds
  ☆11May 23, 2021Updated 4 years ago
• Gerosity / zap-client-Read-Only-

  View on GitHub
  zap-client but with no writing to memory [Apex Legends External Cheat] [Linux]
  ☆19May 30, 2024Updated last year
• forensicxlab / volatility3_plugins

  View on GitHub
  ☆25Jul 23, 2024Updated last year
• jordanpotti / guardduty-opsec

  View on GitHub
  Opsec considerations for each AWS GuardDuty finding type.
  ☆23Oct 29, 2020Updated 5 years ago
• ronwai / dsctool

  View on GitHub
  Hopper plugin to analyze ObjC runtime structures in the dyld_shared_cache
  ☆26Feb 26, 2021Updated 5 years ago