infosecB / LOOBinsLinks
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆462Updated 6 months ago
Alternatives and similar repositories for LOOBins
Users that are interested in LOOBins are comparing it to the libraries listed below
Sorting:
- a tool to help operate in EDRs' blind spots☆732Updated 6 months ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆362Updated 2 years ago
- An open-source self-hosted purple team management web application.☆271Updated 3 weeks ago
- Okta Verify and Okta FastPass Abuse Tool☆321Updated 9 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆251Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆248Updated 2 years ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆190Updated 11 months ago
- Retired TrustedSec Capabilities☆246Updated 6 months ago
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆166Updated 2 months ago
- An ADCS honeypot to catch attackers in your internal network.☆289Updated 11 months ago
- Ransomware simulator written in Golang☆439Updated 2 years ago
- LotL RMM☆196Updated 2 weeks ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆112Updated 8 months ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Purple Team Exercise Framework☆706Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆491Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆764Updated 2 months ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆465Updated 10 months ago
- Signatures and IoCs from public Volexity blog posts.☆354Updated 2 weeks ago
- An offensive data enrichment pipeline☆680Updated last month
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 4 months ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆158Updated 6 months ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆458Updated last month
- Rules generated from our investigations.☆195Updated this week
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆398Updated 8 months ago
- Infrastructure Automation☆350Updated last year
- Repository of attack and defensive information for Business Email Compromise investigations☆252Updated 3 weeks ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆154Updated last year
- Bloodhound Reporting for Blue and Purple Teams☆1,198Updated 3 months ago
- Jupyter Notebooks for the Blue Team☆144Updated 2 months ago