jamf / aftermathLinks
Aftermath is a free macOS IR framework
☆519Updated 6 months ago
Alternatives and similar repositories for aftermath
Users that are interested in aftermath are comparing it to the libraries listed below
Sorting:
- A repository for open-source resources created for use with or alongside Jamf Protect.☆201Updated 3 weeks ago
- A binary and file access authorization system for macOS.☆282Updated this week
- AutoMacTC: Automated Mac Forensic Triage Collector☆541Updated 3 years ago
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…☆462Updated 6 months ago
- Post-Infection Collection Toolkit☆95Updated 2 years ago
- Production-ready detection & response queries for osquery☆573Updated this week
- ☆244Updated 2 months ago
- The CrowdStrike Falcon SDK for Python☆410Updated this week
- An osquery extension for endpoint engineers☆107Updated 3 months ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆256Updated 9 months ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆185Updated 4 years ago
- ☆71Updated 3 years ago
- Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows☆410Updated 3 months ago
- ☆100Updated 2 years ago
- Unleash the power of the Falcon Platform at the CLI☆119Updated this week
- ☆120Updated 2 weeks ago
- CIS Benchmarks for macOS Catalina☆122Updated 8 months ago
- Dorothy is a tool to test security monitoring and detection for Okta environments☆182Updated 9 months ago
- Sublime rules for email attack detection, prevention, and threat hunting.☆309Updated this week
- A serverless sync server for Santa, built on AWS☆94Updated 6 months ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆86Updated last year
- MDM Related code, docs, scripts, snippets, thoughts, and musings.☆121Updated 3 weeks ago
- Collection of useful Canary tools☆79Updated 2 weeks ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆328Updated 3 years ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆165Updated 7 months ago
- SOFA | A MacAdmin's Simple Organized Feed for Apple Software Updates☆246Updated this week
- Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor☆171Updated 3 weeks ago
- Tools for hunting for threats.☆582Updated last month
- Software provided by the Solutions Engineering and Support teams at Kandji, Inc.☆192Updated 2 weeks ago
- PowerShell for CrowdStrike's OAuth2 APIs☆413Updated this week