jamf / aftermath
Aftermath is a free macOS IR framework
☆524 Updated 6 months ago
Alternatives and similar repositories for aftermath
Users who are interested in aftermath are comparing it to the libraries listed below.
- A binary and file access authorization system for macOS. ☆300 Updated this week
- A repository for open-source resources created for use with or alongside Jamf Protect. ☆203 Updated last month
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma… ☆471 Updated last week
- AutoMacTC: Automated Mac Forensic Triage Collector ☆541 Updated 3 years ago
- ☆250 Updated 2 weeks ago
- ☆71 Updated 3 years ago
- Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows ☆414 Updated 3 months ago
- An osquery extension for endpoint engineers ☆109 Updated 4 months ago
- ☆132 Updated last month
- Unleash the power of the Falcon Platform at the CLI ☆119 Updated this week
- CIS Benchmarks for macOS Catalina ☆122 Updated 9 months ago
- Post-Infection Collection Toolkit ☆95 Updated 2 years ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform. ☆185 Updated 4 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities ☆258 Updated 10 months ago
- ☆100 Updated 2 years ago
- Production-ready detection & response queries for osquery ☆574 Updated this week
- Sublime rules for email attack detection, prevention, and threat hunting. ☆311 Updated this week
- SOFA | A MacAdmin's Simple Organized Feed for Apple Software Updates ☆250 Updated this week
- Mapping XProtect's obfuscated malware family names to common industry names. ☆86 Updated last year
- The CrowdStrike Falcon SDK for Python ☆413 Updated last week
- A serverless sync server for Santa, built on AWS ☆95 Updated last week
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism… ☆76 Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆162 Updated 3 months ago
- MDM Related code, docs, scripts, snippets, thoughts, and musings. ☆122 Updated this week
- A Mac utility to help inspect Apple Configuration Profile payloads. ☆364 Updated 6 months ago
- A ruleset to find potentially malicious code in macOS malware samples ☆40 Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… ☆216 Updated last week
- Dorothy is a tool to test security monitoring and detection for Okta environments ☆183 Updated 10 months ago
- LotL RMM ☆208 Updated this week
- Forensic Artifact Collection Tool for macOS ☆111 Updated 9 months ago