infosecB / LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆453Updated 2 months ago
Alternatives and similar repositories for LOOBins:
Users that are interested in LOOBins are comparing it to the libraries listed below
- a tool to help operate in EDRs' blind spots☆705Updated 2 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆243Updated 2 years ago
- Ransomware simulator written in Golang☆424Updated 2 years ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆358Updated 2 years ago
- Jupyter Notebooks for the Blue Team☆145Updated 2 years ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆249Updated last year
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- CLI tools for forensic investigation of Windows artifacts☆325Updated 3 months ago
- Signatures and IoCs from public Volexity blog posts.☆348Updated last week
- Blue Team detection lab created with Terraform and Ansible in Azure.☆145Updated 3 months ago
- An open-source self-hosted purple team management web application.☆255Updated last month
- Retired TrustedSec Capabilities☆245Updated 2 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆182Updated 7 months ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆320Updated 3 months ago
- Aftermath is a free macOS IR framework☆493Updated 2 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆522Updated this week
- Rules generated from our investigations.☆193Updated 3 months ago
- Purple Team Exercise Framework☆675Updated last year
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆601Updated 8 months ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆440Updated this week
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆99Updated 5 months ago
- ☆514Updated 4 months ago
- An ADCS honeypot to catch attackers in your internal network.☆280Updated 7 months ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆455Updated 7 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆246Updated 3 weeks ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆371Updated 4 months ago
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆314Updated 4 months ago
- ☆701Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆242Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆131Updated 11 months ago