djhohnstein / macos_shell_memoryLinks
Execute MachO binaries in memory using CGo
☆81Updated 4 years ago
Alternatives and similar repositories for macos_shell_memory
Users that are interested in macos_shell_memory are comparing it to the libraries listed below
Sorting:
- PoC of macho loading from memory☆57Updated 7 months ago
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆39Updated 3 years ago
- Swift implementation of in-memory Mach-O loading on macOS☆63Updated 2 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆79Updated 2 years ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆43Updated 4 years ago
- If you have any questions, please open an issue.☆24Updated 3 years ago
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens☆44Updated 2 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆39Updated 3 years ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆97Updated 2 years ago
- A proof of concept for a clickjacking attack on macOS.☆95Updated last year
- Swift 5 macOS agent☆106Updated 11 months ago
- Objective C dylibHijackScanner and analysis tool☆39Updated last year
- Golang Tool to interact with Launchd and other services with XPC☆29Updated 5 years ago
- ☆49Updated 11 months ago
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆44Updated 2 years ago
- ☆31Updated 3 years ago
- A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…☆32Updated 4 years ago
- Objective-C library and console to interact with Heimdal APIs for macOS Kerberos☆150Updated last year
- macOS shellcode loader written in Objective-C☆47Updated 2 years ago
- JXA script for Mythic that prints the TCC.db☆15Updated 4 years ago
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆47Updated 4 years ago
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is…☆17Updated 4 years ago
- Swift code to programmatically perform dylib injection☆51Updated 2 years ago
- Proxy Unix applications in the terminal☆114Updated 4 years ago
- JavaScript for Automation (JXA) macOS agent☆84Updated 2 weeks ago
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆32Updated 5 months ago
- A Reflective Loader for macOS☆105Updated 6 months ago
- Forblaze - A Python Mac Steganography Payload Generator☆57Updated 3 years ago
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.☆24Updated 4 years ago
- Apfell Golang macOS/Linux/Windows implant☆89Updated 3 years ago