mellow-hype / santa-linux
A proof-of-concept Linux clone of Santa, Google's binary authorization system for macOS
☆26Updated last year
Related projects: ⓘ
- ☆28Updated 3 months ago
- Tools to measure an app's App Sandbox usage☆23Updated 4 years ago
- Golang Tool to interact with Launchd and other services with XPC☆27Updated 4 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆18Updated 6 months ago
- Golang command line tool for the macOS Endpoint Security Framework☆29Updated 4 years ago
- ☆31Updated this week
- F-Secure Armory Drive - USB encrypted drive with mobile unlock over BLE☆54Updated 11 months ago
- macOS Endpoint Security Message Analysis Tool☆45Updated 2 years ago
- Tool to examine the behaviour of setuid binaries under constrained limits.☆62Updated 3 years ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆49Updated 2 years ago
- Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.☆43Updated last year
- Checks for tpm vulnerabilities☆35Updated last year
- egrets monitors egress☆45Updated 4 years ago
- ☆25Updated last year
- A minimal malware analysis sandbox for macOS☆26Updated last year
- macOS XProtect definition files☆38Updated 2 years ago
- An eBPF detection program for CVE-2022-0847☆27Updated 2 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆37Updated 3 years ago
- go reversing helpers for binaryninja☆25Updated last year
- Whitelisting LD_PRELOAD libraries using LD_AUDIT☆60Updated 2 years ago
- The Art of Mac Malware☆20Updated 2 months ago
- Discover which process execute a hunted binary inside macOS☆24Updated 2 years ago
- ☆43Updated this week
- Collection of Scripts to Automatically Unlock LUKS Devices on kexec Reboot☆56Updated 5 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆34Updated last year
- Determine Who Can Log In to an SSH Server☆27Updated last year
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆90Updated 2 years ago
- Scripts to secure and harden Mac OS X☆30Updated 2 years ago
- A Secure Enclave Token Driver Smartcard Extension☆55Updated last year
- macOS Sandbox Profile Language (SBPL) Interpreter☆43Updated 4 years ago