jamf / aftermathLinks
Aftermath is a free macOS IR framework
☆539Updated last month
Alternatives and similar repositories for aftermath
Users that are interested in aftermath are comparing it to the libraries listed below
Sorting:
- A binary and file access authorization system for macOS.☆380Updated this week
- A cross platform parser for Apple UnifiedLogs!☆278Updated last month
- A repository for open-source resources created for use with or alongside Jamf Protect.☆209Updated 2 months ago
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…☆476Updated last month
- AutoMacTC: Automated Mac Forensic Triage Collector☆550Updated 3 years ago
- An osquery extension for endpoint engineers☆111Updated 2 months ago
- Production-ready detection & response queries for osquery☆587Updated last month
- Post-Infection Collection Toolkit☆95Updated 2 years ago
- Aftermath is a free macOS incident response framework☆32Updated this week
- The CrowdStrike Falcon SDK for Python☆433Updated last week
- ☆70Updated 3 years ago
- Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.☆29Updated 2 weeks ago
- Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows☆416Updated 6 months ago
- CIS Benchmarks for macOS Catalina☆122Updated last year
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆263Updated last year
- ☆146Updated this week
- Unleash the power of the Falcon Platform at the CLI☆123Updated last week
- A serverless sync server for Santa, built on AWS☆101Updated 3 months ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆185Updated 4 years ago
- This is a macOS hardening to read or set security configuration.☆152Updated 10 months ago
- Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor☆185Updated last month
- Sublime rules for email attack detection, prevention, and threat hunting.☆324Updated this week
- Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoin…☆1,079Updated last year
- This is the integration to feed Falcon X IOC data into zscaler's platform☆16Updated this week
- Mapping XProtect's obfuscated malware family names to common industry names.☆88Updated last year
- This contains all the CrowdStrike API work I've done☆21Updated 5 years ago
- ☆187Updated this week
- LotL RMM☆240Updated 2 weeks ago
- ☆100Updated 2 years ago
- Automatic security lookups from your clipboard☆24Updated last year