infosecB / LOOBinsLinks
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆476Updated last month
Alternatives and similar repositories for LOOBins
Users that are interested in LOOBins are comparing it to the libraries listed below
Sorting:
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆368Updated 2 years ago
- Jupyter Notebooks for the Blue Team☆146Updated 5 months ago
- a tool to help operate in EDRs' blind spots☆754Updated 8 months ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆116Updated 11 months ago
- Ransomware simulator written in Golang☆447Updated 3 years ago
- Okta Verify and Okta FastPass Abuse Tool☆331Updated 11 months ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆394Updated this week
- Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine☆478Updated 3 months ago
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- Signatures and IoCs from public Volexity blog posts.☆354Updated 3 months ago
- LotL RMM☆236Updated 2 weeks ago
- Purple Team Exercise Framework☆731Updated last year
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆334Updated 3 years ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆254Updated last year
- Retired TrustedSec Capabilities☆248Updated 9 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆196Updated last year
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆155Updated 2 years ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆255Updated 2 years ago
- Rules generated from our investigations.☆197Updated 2 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆238Updated last week
- An open-source self-hosted purple team management web application.☆286Updated last week
- macOS Initial Access Payload Generator☆317Updated last year
- Infrastructure Automation☆353Updated last year
- Incident Response collection and processing scripts with automated reporting scripts☆308Updated last year
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆469Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 7 months ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆465Updated 2 months ago
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository☆119Updated 2 years ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆406Updated 11 months ago