l0psec/arm64_macOS_Syscalls external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

l0psec/arm64_macOS_Syscalls

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/l0psec/arm64_macOS_Syscalls)

Close

l0psec / arm64_macOS_SyscallsView on GitHubMore

• External links
• Readme badge

☆56Jul 1, 2024Updated last year

Alternatives and similar repositories for arm64_macOS_Syscalls

Users that are interested in arm64_macOS_Syscalls are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• antman1p / JXA_Proc_Tree

  View on GitHub
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆14Jan 28, 2022Updated 4 years ago
• puffyCid / macos-loginitems

  View on GitHub
  A library to parse macOS LoginItems
  ☆18Aug 28, 2022Updated 3 years ago
• ReverseApple / inject_aarch64

  View on GitHub
  arm64 and arm64e dylib injector
  ☆41Feb 6, 2024Updated 2 years ago
• ald3ns / XPR-dump

  View on GitHub
  Helper scripts to automate the extraction of YARA rules from XProtectRemediators
  ☆22Mar 5, 2024Updated 2 years ago
• cedowens / Persistent-Swift

  View on GitHub
  A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
  ☆34Apr 15, 2021Updated 4 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• mattstevens / lsquery

  View on GitHub
  A command line tool to query the Launch Services database
  ☆15Jul 28, 2018Updated 7 years ago
• pstirparo / machofile

  View on GitHub
  machofile is a module to parse Mach-O binary files
  ☆94Feb 10, 2026Updated last month
• seemoo-lab / plist17lib

  View on GitHub
  ☆22Oct 13, 2023Updated 2 years ago
• insidegui / CoreFollowUpAttack

  View on GitHub
  CoreFollowUp phishing attack on macOS
  ☆15Mar 15, 2022Updated 4 years ago
• SentineLabs / XProtect-Malware-Families

  View on GitHub
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆94Nov 14, 2025Updated 4 months ago
• theevilbit / DuckDockTile

  View on GitHub
  ☆17Sep 29, 2023Updated 2 years ago
• bradleyjkemp / threathunting

  View on GitHub
  Assorted, MIT licensed, threat hunting rules from @bradleyjkemp
  ☆14Mar 11, 2022Updated 4 years ago
• r3ggi / electroniz3r

  View on GitHub
  Take over macOS Electron apps' TCC permissions
  ☆223Aug 12, 2023Updated 2 years ago
• thiagomayllart / Blender

  View on GitHub
  This repository contains the technique presented at SOCON2025 for stealing cookies silently from MacOS Sequoia with only root privileges
  ☆12Mar 27, 2025Updated 11 months ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• r3ggi / NoMADCredentialsStealer

  View on GitHub
  https://wojciechregula.blog/post/macos-red-teaming-get-ad-credentials-from-nomad/
  ☆43Mar 4, 2022Updated 4 years ago
• captainGeech42 / synapse-sinkdb

  View on GitHub
  Synapse Rapid Power-up for SinkDB
  ☆11Jun 24, 2025Updated 9 months ago
• skr0x1c0 / binja_kc

  View on GitHub
  Plugin for loading MachO kernelcache and dSYM files to Binary Ninja
  ☆40Mar 23, 2025Updated last year
• ReverseApple / gxpc

  View on GitHub
  Sniff XPC communication using Frida and Go
  ☆158Feb 10, 2026Updated last month
• jevinskie / dylibify

  View on GitHub
  Transform any ARM macho executable to a dynamic library
  ☆44Mar 14, 2025Updated last year
• CRKatri / trustcache

  View on GitHub
  Interact with trustcaches
  ☆42Feb 12, 2023Updated 3 years ago
• slyd0g / SwiftLiverpool

  View on GitHub
  Enumerate Location Services using CoreLocation API on macOS
  ☆18Dec 2, 2021Updated 4 years ago
• Hubbl3 / ThreatCheck

  View on GitHub
  Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
  ☆11May 17, 2024Updated last year
• ZJU-SEC / CrossFire

  View on GitHub
  ☆18Nov 7, 2024Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• gergelykalman / CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV

  View on GitHub
  Exploit for CVE-2023-38571
  ☆13Sep 27, 2023Updated 2 years ago
• kohnakagawa / cidre-vm

  View on GitHub
  Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware
  ☆38Feb 24, 2026Updated last month
• axelexic / CSOps

  View on GitHub
  Utility to manipulate codesigned application in Mac OS X. Demonstrate the use of csops system call.
  ☆84Mar 21, 2024Updated 2 years ago
• 0cyn / bn-dyldsharedcache

  View on GitHub
  dyld_shared_cache processing / Single-Image loading for BinaryNinja
  ☆91Feb 25, 2026Updated last month
• Colton1skees / Symex

  View on GitHub
  Symbolic executor for Binary Ninja's MLIL
  ☆25Oct 3, 2024Updated last year
• cedowens / JXA-Runner

  View on GitHub
  Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
  ☆23Apr 22, 2021Updated 4 years ago
• netanelc305 / Darwin_SSL_sniffer

  View on GitHub
  Utility for sniffing SSL/TLS encrypted traffic on a darwin-based platforms.
  ☆27Jan 29, 2024Updated 2 years ago
• zhuowei / macOS-Virtualization-framework-tools

  View on GitHub
  Useless tools for exploring Virtualization.framework
  ☆25Jun 14, 2021Updated 4 years ago
• unixzii / objc-encodingparser

  View on GitHub
  A cross-platform library to parse Objective-C type encoding.
  ☆43Sep 1, 2024Updated last year
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• buzzer-re / whoexec

  View on GitHub
  Discover which process execute a hunted binary inside macOS
  ☆27Dec 15, 2021Updated 4 years ago
• romainthomas / iCDump

  View on GitHub
  A modern Objective-C class dump based on LIEF and LLVM.
  ☆170Jul 20, 2024Updated last year
• slyd0g / SwiftParseTCC

  View on GitHub
  Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
  ☆40Jul 27, 2021Updated 4 years ago
• its-a-feature / dylibHijackScanner

  View on GitHub
  Objective C dylibHijackScanner and analysis tool
  ☆40Jul 12, 2023Updated 2 years ago
• PhorionTech / Kronos

  View on GitHub
  Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…
  ☆80Nov 21, 2023Updated 2 years ago
• cedowens / docker-arsenal

  View on GitHub
  Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend…
  ☆18Nov 3, 2021Updated 4 years ago
• SentineLabs / macos-ttps-yara

  View on GitHub
  A ruleset to find potentially malicious code in macOS malware samples
  ☆41Aug 29, 2023Updated 2 years ago