mnrkbys / norimaciLinks
Norimaci is a simple and lightweight malware analysis sandbox for macOS
☆69Updated 5 years ago
Alternatives and similar repositories for norimaci
Users that are interested in norimaci are comparing it to the libraries listed below
Sorting:
- Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.☆108Updated 2 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆40Updated 4 years ago
- A minimal malware analysis sandbox for macOS☆30Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…☆32Updated 4 years ago
- ☆32Updated last year
- Forensic Artifact Collection Tool for macOS☆112Updated last week
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- volatility explorer☆91Updated 4 years ago
- QuasarRAT analysis tools and research report☆27Updated last year
- ☆22Updated 2 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆20Updated 4 years ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆43Updated 4 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆38Updated 6 months ago
- Public repository for Red Canary Research☆36Updated 4 years ago
- machofile is a module to parse Mach-O binary files☆72Updated this week
- A proof of concept for a clickjacking attack on macOS.☆95Updated last year
- JXA implementation of some SwiftBelt functions. Author: Cedric Owens☆44Updated 2 years ago
- Forblaze - A Python Mac Steganography Payload Generator☆57Updated 3 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆135Updated this week
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆47Updated 4 years ago
- YARI is an interactive debugger for YARA Language.☆88Updated last month
- Presentations from the CX Security Labs team☆33Updated last week
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆121Updated 4 years ago
- Application Hijack Scanner for macOS☆71Updated 3 years ago
- JavaScript for Automation (JXA) macOS agent☆85Updated last month
- Execute MachO binaries in memory using CGo☆81Updated 4 years ago
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.☆24Updated 4 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆78Updated 2 years ago
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆33Updated last month