monitor macOS for malicious activity
☆237 · Feb 5, 2025 · Updated last year
Alternatives and similar repositories for xnumon
Users that are interested in xnumon are comparing it to the libraries listed below.
- OSX Events Monitor ☆22 · Sep 21, 2018 · Updated 7 years ago
- macOS application that makes use of the EndpointSecurity framework ☆19 · Aug 1, 2019 · Updated 6 years ago
- A TrustedBSD module to control execution of binaries with suid bit set ☆38 · Oct 3, 2014 · Updated 11 years ago
- An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring. ☆397 · Mar 16, 2026 · Updated last week
- process info/monitoring library for macOS ☆424 · Feb 1, 2021 · Updated 5 years ago
- Process Monitor Library (based on Apple's new Endpoint Security Framework) ☆494 · Oct 20, 2023 · Updated 2 years ago
- [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices. ☆177 · Jul 1, 2020 · Updated 5 years ago
- Golang command line tool for the macOS Endpoint Security Framework ☆29 · Nov 25, 2019 · Updated 6 years ago
- Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. ☆1,071 · Jul 22, 2021 · Updated 4 years ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens ☆340 · Apr 28, 2022 · Updated 3 years ago
- A user-mode application authorization system for MacOS written in Swift ☆300 · Sep 18, 2020 · Updated 5 years ago
- Command line tool to get the active System Integrity Protection status ☆47 · Oct 15, 2017 · Updated 8 years ago
- Small util to dump the IDT table of a running OS X system with kmem enabled ☆21 · May 5, 2014 · Updated 11 years ago
- A collection of OSX and iOS security resources ☆778 · Jul 23, 2025 · Updated 8 months ago
- macOS Offensive Tools ☆270 · Sep 28, 2023 · Updated 2 years ago
- The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS. ☆86 · Sep 22, 2018 · Updated 7 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities ☆276 · Aug 23, 2024 · Updated last year
- An app to protect against process injection and suspicious file links on macOS ☆228 · May 19, 2021 · Updated 4 years ago
- A binary authorization and monitoring system for macOS ☆4,513 · Feb 5, 2025 · Updated last year
- Mac OS X syscall hook kext ☆24 · Feb 16, 2016 · Updated 10 years ago
- A Secure Enclave Token Driver Smartcard Extension ☆61 · Dec 1, 2022 · Updated 3 years ago
- Collection of forensics artifacts location for Mac OS X and iOS ☆344 · Nov 11, 2021 · Updated 4 years ago
- Post-Infection Collection Toolkit ☆95 · Jan 31, 2023 · Updated 3 years ago
- A multi-platform binary whitelisting solution ☆450 · Sep 29, 2021 · Updated 4 years ago
- A Kext that can be used to disable Rootless in OS X El Capitan/macOS Sierra. You need to sign it OR use an exploit to make OS X load it. ☆79 · Feb 26, 2020 · Updated 6 years ago
- Python script to decode common encoded PowerShell scripts ☆217 · Jun 13, 2018 · Updated 7 years ago
- CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass. ☆59 · Oct 28, 2018 · Updated 7 years ago
- macOS Kernel Fuzzer ☆258 · Oct 23, 2017 · Updated 8 years ago
- Sample code for macOS Extensions Part 3 ☆24 · Feb 20, 2020 · Updated 6 years ago
- A repository for using osquery for incident detection and response ☆882 · Sep 8, 2025 · Updated 6 months ago
- macOS kext for host_special_port(4) patch ☆90 · Nov 13, 2023 · Updated 2 years ago
- Cobalt Strike log state tracking, parsing, and storage ☆24 · Jul 18, 2019 · Updated 6 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean. ☆12 · Jun 18, 2021 · Updated 4 years ago
- ios kernel class tree ☆23 · May 30, 2019 · Updated 6 years ago
- File Monitor Library (based on Apple's new Endpoint Security Framework) ☆376 · Oct 9, 2022 · Updated 3 years ago
- ☆108 · Mar 21, 2017 · Updated 9 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri… ☆124 · Dec 27, 2020 · Updated 5 years ago
- The grey fox ☆25 · Jun 22, 2016 · Updated 9 years ago
- A kernel network manager with monitoring and limiting capabilities for macOS. #nsacyber ☆113 · Mar 16, 2017 · Updated 9 years ago