kohnakagawa / cidre-vmLinks
Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware
☆32Updated 4 months ago
Alternatives and similar repositories for cidre-vm
Users that are interested in cidre-vm are comparing it to the libraries listed below
Sorting:
- ☆49Updated 11 months ago
- macOS third-party software vulnerabilities I have discovered☆13Updated last year
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆20Updated last year
- Enumerate Location Services using CoreLocation API on macOS☆18Updated 3 years ago
- machofile is a module to parse Mach-O binary files☆51Updated last year
- Examples of programmatically interacting with ioreg and sysctl to query system info☆10Updated 3 years ago
- macOS Security Research☆117Updated last year
- Objective C dylibHijackScanner and analysis tool☆39Updated last year
- Discover DYLD_INSERT_LIBRARIES hijacks on macOS☆44Updated 2 years ago
- Swift code to programmatically perform dylib injection☆51Updated 2 years ago
- A general purpose toolkit to make vulnerability research on macOS easier.☆80Updated 3 months ago
- A Ghidra extension for reverse-engineering macOS binaries.☆19Updated 4 months ago
- Brew Local Privilege Escalation exploit on Intel macOS☆19Updated last year
- PoC of macho loading from memory☆56Updated 6 months ago
- Mickey's Blogs☆38Updated 2 weeks ago
- My collection of PoCs☆26Updated last year
- Swift implementation of in-memory Mach-O loading on macOS☆63Updated 2 years ago
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens☆44Updated last year
- ☆28Updated 2 years ago
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.☆39Updated 3 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆39Updated 3 years ago
- IDA plugin that resolves PPL calls to the actual underlying PPL function.☆58Updated 2 years ago
- Exploit for CVE-2023-32364☆21Updated last year
- Code lifting for executing a visionOS library os macOS using QBDL and QBDI☆17Updated 8 months ago
- ☆31Updated 11 months ago
- Uses Apple's MDM protocol to backdoor a device with a malicious profile.☆54Updated 3 years ago
- ☆86Updated 8 months ago
- ☆115Updated 2 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆78Updated 2 years ago
- ☆31Updated 3 years ago