infosecB / LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
☆439Updated this week
Related projects ⓘ
Alternatives and complementary repositories for LOOBins
- a tool to help operate in EDRs' blind spots☆654Updated 7 months ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆316Updated 3 weeks ago
- A python script developed to process Windows memory images based on triage type.☆258Updated 11 months ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆351Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆240Updated last year
- Retired TrustedSec Capabilities☆227Updated last month
- Ransomware simulator written in Golang☆410Updated 2 years ago
- ☆222Updated 6 months ago
- An open-source self-hosted purple team management web application.☆241Updated 3 months ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆359Updated last month
- Blue Team detection lab created with Terraform and Ansible in Azure.☆143Updated this week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆232Updated 11 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆169Updated 4 months ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆588Updated 5 months ago
- Okta Verify and Okta FastPass Abuse Tool☆289Updated 2 months ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆425Updated 2 months ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆93Updated 2 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆473Updated last week
- Purple Team Exercise Framework☆626Updated 10 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆230Updated 2 months ago
- CLI tools for forensic investigation of Windows artifacts☆315Updated 3 weeks ago
- Jupyter Notebooks for the Blue Team☆141Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆480Updated last year
- ☆659Updated 2 weeks ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆194Updated 2 years ago
- Rules generated from our investigations.☆189Updated 3 weeks ago
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆150Updated 3 weeks ago
- This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.☆126Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆105Updated this week