Alternatives and similar repositories for aftermath

Users that are interested in aftermath are comparing it to the libraries listed below

• northpolesec / santa
  A binary and file access authorization system for macOS.
  ☆320Updated this week
• mandiant / macos-UnifiedLogs
  ☆257Updated last week
• jamf / jamfprotect
  A repository for open-source resources created for use with or alongside Jamf Protect.
  ☆204Updated last week
• infosecB / LOOBins
  Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…
  ☆472Updated 3 weeks ago
• stuartjash / aftermath
  Aftermath is a free macOS incident response framework
  ☆32Updated 3 months ago
• thomasareed / pict
  Post-Infection Collection Toolkit
  ☆95Updated 2 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆543Updated 3 years ago
• CrowdStrike / falconpy
  The CrowdStrike Falcon SDK for Python
  ☆418Updated last week
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆579Updated 2 weeks ago
• macadmins / osquery-extension
  An osquery extension for endpoint engineers
  ☆109Updated 3 weeks ago
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆259Updated 10 months ago
• joshua-d-miller / macOSLAPS
  Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
  ☆414Updated 4 months ago
• okta / customer-detections
  ☆138Updated last week
• hazcod / security-slacker
  Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.
  ☆28Updated last week
• CrowdStrike / Falcon-Toolkit
  Unleash the power of the Falcon Platform at the CLI
  ☆121Updated last week
• mvdbent / CIS-macOS-Security
  ☆70Updated 3 years ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆86Updated last year
• SentineLabs / macos-ttps-yara
  A ruleset to find potentially malicious code in macOS malware samples
  ☆40Updated last year
• elastic / dorothy
  Dorothy is a tool to test security monitoring and detection for Okta environments
  ☆183Updated 11 months ago
• ataumo / macos_hardening
  This is a macOS hardening to read or set security configuration.
  ☆147Updated 8 months ago
• redcanaryco / mac-monitor
  Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoin…
  ☆1,063Updated last year
• CrowdStrike / falcon-scripts
  Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor
  ☆176Updated 2 months ago
• CrowdStrike / zscaler-FalconX-integration
  This is the integration to feed Falcon X IOC data into zscaler's platform
  ☆16Updated last year
• cisagov / ScubaGoggles
  SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
  ☆243Updated this week
• airbnb / rudolph
  A serverless sync server for Santa, built on AWS
  ☆95Updated last month
• ReversecLabs / Jamf-Attack-Toolkit
  Suite of tools to facilitate attacks against the Jamf macOS management platform.
  ☆185Updated 4 years ago
• cookpad / aws-falcon-data-forwarder
  CrowdStrike Falcon log forwarder from falcon S3 bucket to your S3 bucket
  ☆11Updated 4 years ago
• mvdbent / CIS-Reporting
  ☆14Updated last year
• sublime-security / sublime-rules
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆313Updated this week
• richiercyrus / Venator-Swift
  Swift Command line tool used for proactive detection of malicious activity on macOS systems.
  ☆68Updated 5 years ago