Run Sigma detection rules on logs from the new macOS EndpointSecurity Framework
☆22, Jan 22, 2021, updated 5 years ago
Alternatives and similar repositories for sigma-esf
Users that are interested in sigma-esf are comparing it to the libraries listed below.
- ☆11, Jun 5, 2024, updated 2 years ago
- macOS Artifact Intelligence Tool (☆13, Apr 30, 2019, updated 7 years ago)
- A triage data collection script for macOS (☆30, Nov 27, 2020, updated 5 years ago)
- Tool to rip system and user data from OSX and macOS (☆16, Dec 6, 2022, updated 3 years ago)
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format (☆40, Jul 27, 2021, updated 4 years ago)
- A minimal malware analysis sandbox for macOS (☆34, Feb 15, 2023, updated 3 years ago)
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly… (☆14, Aug 19, 2022, updated 3 years ago)
- ESF modular ingestion tool for development and research. (☆38, Dec 21, 2021, updated 4 years ago)
- JXA script for Mythic that prints the TCC.db (☆15, Apr 18, 2021, updated 5 years ago)
- macOS Endpoint Security Message Analysis Tool (☆47, Jan 31, 2022, updated 4 years ago)
- A suite of Volatility 3 plugins for memory forensics of Docker containers (☆18, Jan 10, 2024, updated 2 years ago)
- Elastic Security Labs' malware analysis and reverse engineering library (☆55, Mar 10, 2026, updated 3 months ago)
- This is a malware analyzer for Mac OS X that extends the Cuckoo Sandbox project (https://cuckoosandbox.org/) (☆23, Jul 8, 2016, updated 9 years ago)
- ☆33, Feb 26, 2022, updated 4 years ago
- This repository is a part of GSoC Project 2019 which intends to add the macOS support for Cuckoo Sandbox. This repository helps setting u… (☆11, Aug 26, 2019, updated 6 years ago)
- A DFIR tool to collect artifacts on macOS (☆57, Mar 1, 2020, updated 6 years ago)
- Adversary emulation for EDR/SIEM testing (macOS/Linux) (☆54, Jun 8, 2026, updated last week)
- JXA situational awareness helper by simply reading specific files on a filesystem (☆82, Feb 17, 2026, updated 4 months ago)
- A malware scanner with Yara and ClamAV binding (☆12, May 23, 2026, updated 3 weeks ago)
- Global Shortcuts for macOS written in Swift. (☆25, Jan 5, 2025, updated last year)
- A Ghidra extension for reverse-engineering macOS binaries. (☆20, Jan 13, 2025, updated last year)
- Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designe… (☆18, Nov 5, 2023, updated 2 years ago)
- ☆33, Oct 25, 2021, updated 4 years ago
- Discover which process executes a hunted binary inside macOS (☆29, Dec 15, 2021, updated 4 years ago)
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more) (☆16, Aug 8, 2025, updated 10 months ago)
- Windows Thingies... but in Rust (☆23, Nov 12, 2022, updated 3 years ago)
- Swift command line tool used for proactive detection of malicious activity on macOS systems. (☆68, Jul 1, 2020, updated 5 years ago)
- A ruleset to find potentially malicious code in macOS malware samples (☆40, Aug 29, 2023, updated 2 years ago)
- ☆28, Aug 8, 2021, updated 4 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction (☆91, Mar 11, 2026, updated 3 months ago)
- Queries for the parsed Spotlight database in SQLite (☆13, Dec 29, 2020, updated 5 years ago)
- A set of Homebrew formulae to install virt-manager and virt-viewer on macOS (☆11, Feb 17, 2023, updated 3 years ago)
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma… (☆16, Dec 3, 2020, updated 5 years ago)
- Ekoparty's BlueSpace Keynote, November 2021. Shoutout to @plugxor, thank you very much!!! (☆13, Jun 5, 2023, updated 3 years ago)
- Mythic Developer Series: Workshop Golang Agent (☆26, Jun 27, 2023, updated 2 years ago)
- Google Cloud Platform (GCP) Security Command Center alerts enablement scripts (☆32, Apr 8, 2021, updated 5 years ago)
- A macOS enumeration tool inspired by harmj0y's Windows-based Seatbelt enumeration tool. Author: Cedric Owens (☆343, Apr 28, 2022, updated 4 years ago)
- Threat detection and anomaly detection rules for popular open-source components (☆53, Jul 27, 2022, updated 3 years ago)
- Caesar-cipher-based encryption (☆29, Mar 1, 2021, updated 5 years ago)