monitor macOS for malicious activity
☆237 · Feb 5, 2025 · Updated last year
Alternatives and similar repositories for xnumon
Users that are interested in xnumon are comparing it to the libraries listed below
- OSX Events Monitor ☆22 · Sep 21, 2018 · Updated 7 years ago
- macOS application that makes use of the EndpointSecurity framework ☆19 · Aug 1, 2019 · Updated 6 years ago
- An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring. ☆395 · Nov 6, 2025 · Updated 3 months ago
- [⛔️ Deprecated] Venator is a Python tool used to gather data for proactive detection of malicious activity on macOS devices. ☆177 · Jul 1, 2020 · Updated 5 years ago
- A TrustedBSD module to control execution of binaries with suid bit set ☆38 · Oct 3, 2014 · Updated 11 years ago
- Process Monitor Library (based on Apple's new Endpoint Security Framework) ☆493 · Oct 20, 2023 · Updated 2 years ago
- process info/monitoring library for macOS ☆425 · Feb 1, 2021 · Updated 5 years ago
- Crescendo is a Swift-based, real-time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. ☆1,071 · Jul 22, 2021 · Updated 4 years ago
- A user-mode application authorization system for macOS written in Swift ☆301 · Sep 18, 2020 · Updated 5 years ago
- An app to protect against process injection and suspicious file links on macOS ☆230 · May 19, 2021 · Updated 4 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities ☆276 · Aug 23, 2024 · Updated last year
- A golang implementation of a prefetch parser. ☆20 · Oct 27, 2025 · Updated 4 months ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens ☆340 · Apr 28, 2022 · Updated 3 years ago
- A collection of OSX and iOS security resources ☆776 · Jul 23, 2025 · Updated 7 months ago
- Golang command line tool for the macOS Endpoint Security Framework ☆29 · Nov 25, 2019 · Updated 6 years ago
- Collection of forensics artifacts location for Mac OS X and iOS ☆343 · Nov 11, 2021 · Updated 4 years ago
- Python script to decode common encoded PowerShell scripts ☆217 · Jun 13, 2018 · Updated 7 years ago
- macOS Offensive Tools ☆270 · Sep 28, 2023 · Updated 2 years ago
- A multi-platform binary whitelisting solution ☆451 · Sep 29, 2021 · Updated 4 years ago
- Scoring Engine for CTF competitions ☆48 · Feb 15, 2023 · Updated 3 years ago
- The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS. ☆86 · Sep 22, 2018 · Updated 7 years ago
- A binary authorization and monitoring system for macOS ☆4,514 · Feb 5, 2025 · Updated last year
- Binee: binary emulation environment ☆530 · Feb 25, 2023 · Updated 3 years ago
- The grey fox ☆25 · Jun 22, 2016 · Updated 9 years ago
- The repository accompanying the Buer Emulation workshop ☆24 · Aug 18, 2021 · Updated 4 years ago
- IDA Pro plugin that renames functions on load, based on functionality ☆19 · Mar 9, 2018 · Updated 7 years ago
- Command line tool to get the active System Integrity Protection status ☆47 · Oct 15, 2017 · Updated 8 years ago
- Cobalt Strike log state tracking, parsing, and storage ☆24 · Jul 18, 2019 · Updated 6 years ago
- Post-Infection Collection Toolkit ☆95 · Jan 31, 2023 · Updated 3 years ago
- ☆98 · Feb 21, 2019 · Updated 7 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API ☆370 · Feb 7, 2019 · Updated 7 years ago
- File Monitor Library (based on Apple's new Endpoint Security Framework) ☆375 · Oct 9, 2022 · Updated 3 years ago
- macOS (& iOS) Artifact Parsing Tool ☆1,003 · Updated this week
- Osquery Management Server ☆115 · Aug 7, 2020 · Updated 5 years ago
- A plugin to integrate an IPython kernel into Binary Ninja. ☆30 · Jun 27, 2018 · Updated 7 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo… ☆51 · Aug 15, 2019 · Updated 6 years ago
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle… ☆315 · Oct 21, 2021 · Updated 4 years ago
- Sample code for macOS Extensions Part 3 ☆24 · Feb 20, 2020 · Updated 6 years ago
- A script to help set up an event handler in order to install a persistent backdoor that can be activated by sending a message. ☆178 · Jul 21, 2020 · Updated 5 years ago