its-a-feature / offensive_macos
Tracking of offensive macOS tooling, blogs, and related helpful information
☆146Updated 3 years ago
Related projects: ⓘ
- Collection of macOS persistence methods and miscellaneous tools in JXA☆260Updated last year
- Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.☆103Updated last year
- ☆99Updated 3 years ago
- macOS Initial Access Payload Generator☆280Updated 8 months ago
- Objective-C library and console to interact with Heimdal APIs for macOS Kerberos☆138Updated last year
- macOS persistence tool☆221Updated 2 years ago
- ☆113Updated this week
- Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies☆152Updated last year
- macOS Offensive Tools☆258Updated 11 months ago
- JavaScript for Automation (JXA) tool to do Active Directory enumeration.☆97Updated 2 years ago
- JXA situational awareness helper by simply reading specific files on a filesystem☆66Updated 2 years ago
- Swift 5 macOS agent☆98Updated last month
- ☆73Updated this week
- JavaScript for Automation (JXA) macOS agent☆62Updated 3 weeks ago
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆103Updated last year
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆315Updated 2 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆114Updated 3 years ago
- LDAP Querying without the Suck☆91Updated last year
- Payload designed for targeting Jamf enrolled devices.☆35Updated last year
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆37Updated 2 years ago
- Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…☆73Updated 7 months ago
- A repo to support the book☆103Updated 3 years ago
- ☆161Updated last year
- An interactive command prompt for red teaming and pentesting. Automatically pushes commands through SOCKS4/5 proxies via proxychains. Opt…☆205Updated 2 years ago
- easy-to-use payload hosting☆260Updated 2 years ago
- Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit☆151Updated this week
- Execute MachO binaries in memory using CGo☆79Updated 3 years ago
- ☆97Updated 3 weeks ago
- A sample of proof of concept scripts that run Calc.exe with full source code.☆89Updated 2 weeks ago
- A proof of concept for a clickjacking attack on macOS.☆92Updated 7 months ago