infosecB / LOOBinsLinks
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆516Updated last month
Alternatives and similar repositories for LOOBins
Users that are interested in LOOBins are comparing it to the libraries listed below
Sorting:
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆371Updated 3 years ago
- Jupyter Notebooks for the Blue Team☆145Updated 10 months ago
- a tool to help operate in EDRs' blind spots☆767Updated last year
- Ransomware simulator written in Golang☆470Updated 3 years ago
- LotL RMM☆271Updated this week
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆119Updated 3 weeks ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆322Updated 8 months ago
- Purple Team Exercise Framework☆762Updated 2 years ago
- Signatures and IoCs from public Volexity blog posts.☆361Updated last month
- Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine☆522Updated last month
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆257Updated 2 years ago
- An open-source self-hosted purple team management web application.☆296Updated last week
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆481Updated last year
- Retired TrustedSec Capabilities☆248Updated 2 weeks ago
- A collection of companies that disclose adversary TTPs after they have been breached☆289Updated 2 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆273Updated 8 months ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.☆671Updated 2 years ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆480Updated last week
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆259Updated 3 years ago
- Okta Verify and Okta FastPass Abuse Tool☆337Updated last year
- Automated YARA Rule Standardization and Quality Assurance Tool☆271Updated this week
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆143Updated last month
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆166Updated 9 months ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆411Updated last week
- Creation of a laboratory for malware analysis in AWS☆105Updated 3 years ago
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆591Updated last month
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆194Updated 11 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆409Updated 2 weeks ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆341Updated 3 years ago
- ☆125Updated last year