infosecB / LOOBinsLinks
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆514Updated last week
Alternatives and similar repositories for LOOBins
Users that are interested in LOOBins are comparing it to the libraries listed below
Sorting:
- Jupyter Notebooks for the Blue Team☆146Updated 9 months ago
- Ransomware simulator written in Golang☆463Updated 3 years ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆372Updated 3 years ago
- Signatures and IoCs from public Volexity blog posts.☆361Updated 3 weeks ago
- Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine☆514Updated 3 weeks ago
- a tool to help operate in EDRs' blind spots☆771Updated last year
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆119Updated last week
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆204Updated last month
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆257Updated 3 years ago
- Incident Response collection and processing scripts with automated reporting scripts☆319Updated last year
- A python script developed to process Windows memory images based on triage type.☆265Updated 2 years ago
- An open-source self-hosted purple team management web application.☆295Updated 2 weeks ago
- Purple Team Exercise Framework☆757Updated last year
- Rules generated from our investigations.☆203Updated 6 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆408Updated last week
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.☆671Updated 2 years ago
- A collection of companies that disclose adversary TTPs after they have been breached☆291Updated last month
- LotL RMM☆269Updated last month
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆159Updated 2 years ago
- An offensive data enrichment pipeline☆881Updated 3 weeks ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆479Updated 3 weeks ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Updated 2 years ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆264Updated this week
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆142Updated 2 weeks ago
- BlueHound - pinpoint the security issues that actually matter☆757Updated 2 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆271Updated 7 months ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆173Updated last year
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆226Updated last year
- Infrastructure Automation☆359Updated last year
- Some Threat Hunting queries useful for blue teamers☆131Updated 3 years ago