jamf / aftermathLinks
Aftermath is a free macOS IR framework
☆535Updated last week
Alternatives and similar repositories for aftermath
Users that are interested in aftermath are comparing it to the libraries listed below
Sorting:
- A binary and file access authorization system for macOS.☆360Updated this week
- A repository for open-source resources created for use with or alongside Jamf Protect.☆208Updated last month
- A cross platform parser for Apple UnifiedLogs!☆271Updated 3 weeks ago
- Aftermath is a free macOS incident response framework☆32Updated 4 months ago
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…☆476Updated last month
- Post-Infection Collection Toolkit☆95Updated 2 years ago
- Production-ready detection & response queries for osquery☆586Updated 2 weeks ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆546Updated 3 years ago
- The CrowdStrike Falcon SDK for Python☆425Updated 2 weeks ago
- Pokes users about outstanding security risks found by Crowdstrike Spotlight or vmware Workspace ONE so they secure their own endpoint.☆28Updated 2 weeks ago
- Unleash the power of the Falcon Platform at the CLI☆123Updated 2 weeks ago
- An osquery extension for endpoint engineers☆110Updated 2 months ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆185Updated 4 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆260Updated last year
- Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows☆414Updated 6 months ago
- Dorothy is a tool to test security monitoring and detection for Okta environments☆186Updated last year
- Mapping XProtect's obfuscated malware family names to common industry names.☆87Updated last year
- ☆70Updated 3 years ago
- Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor☆182Updated last month
- ☆144Updated 2 weeks ago
- This is the integration to feed Falcon X IOC data into zscaler's platform☆16Updated last year
- This is a macOS hardening to read or set security configuration.☆152Updated 9 months ago
- A serverless sync server for Santa, built on AWS☆97Updated 2 months ago
- Falcon Data Replicator☆33Updated 4 months ago
- This contains all the CrowdStrike API work I've done☆21Updated 5 years ago
- CIS Benchmarks for macOS Catalina☆122Updated 11 months ago
- Automatic security lookups from your clipboard☆24Updated last year
- Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoin…☆1,073Updated last year
- SCuBA Secure Configuration Baselines and assessment tool for Google Workspace☆253Updated this week
- A ruleset to find potentially malicious code in macOS malware samples☆40Updated 2 years ago