Alternatives and similar repositories for aftermath

Users that are interested in aftermath are comparing it to the libraries listed below

• mandiant / macos-UnifiedLogs
  A cross platform parser for Apple UnifiedLogs!
  ☆299Updated last month
• northpolesec / santa
  A binary and file access authorization system for macOS.
  ☆458Updated last week
• stuartjash / aftermath
  Aftermath is a free macOS incident response framework
  ☆34Updated 2 months ago
• jamf / jamfprotect
  A repository for open-source resources created for use with or alongside Jamf Protect.
  ☆212Updated 5 months ago
• infosecB / LOOBins
  Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…
  ☆509Updated last week
• hazcod / security-slacker
  Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.
  ☆29Updated 3 weeks ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆554Updated 3 years ago
• CrowdStrike / falconpy
  The CrowdStrike Falcon SDK for Python
  ☆450Updated this week
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆596Updated 3 months ago
• thomasareed / pict
  Post-Infection Collection Toolkit
  ☆95Updated 2 years ago
• CrowdStrike / Falcon-Toolkit
  Unleash the power of the Falcon Platform at the CLI
  ☆133Updated 2 months ago
• macadmins / osquery-extension
  An osquery extension for endpoint engineers
  ☆115Updated last month
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆267Updated last year
• joshua-d-miller / macOSLAPS
  Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
  ☆420Updated 9 months ago
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆89Updated 3 weeks ago
• mvdbent / CIS-macOS-Security
  ☆70Updated 4 years ago
• ReversecLabs / Jamf-Attack-Toolkit
  Suite of tools to facilitate attacks against the Jamf macOS management platform.
  ☆188Updated 4 years ago
• airbnb / rudolph
  A serverless sync server for Santa, built on AWS
  ☆103Updated 5 months ago
• Brandon7CC / mac-monitor
  "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.
  ☆1,214Updated 2 weeks ago
• ackatz / seclook
  Automatic security lookups from your clipboard
  ☆24Updated last year
• elastic / dorothy
  ☆189Updated 2 weeks ago
• CrowdStrike / falcon-scripts
  Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor
  ☆198Updated this week
• jamf / CIS-for-macOS-Catalina-CP
  CIS Benchmarks for macOS Catalina
  ☆121Updated last year
• CrowdStrike / FDR
  Falcon Data Replicator
  ☆37Updated last month
• sublime-security / sublime-rules
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆336Updated this week
• magicsword-io / LOLRMM
  LotL RMM
  ☆262Updated last week
• the-monger / Crowdstrike
  This contains all the CrowdStrike API work I've done
  ☆21Updated 6 years ago
• mvdbent / CIS-Reporting
  ☆14Updated 2 years ago
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆239Updated 3 weeks ago
• kandji-inc / support
  Software provided by the Solutions Engineering and Support teams at Kandji, Inc.
  ☆228Updated last month