Alternatives and similar repositories for endpointsecurity:

Users that are interested in endpointsecurity are comparing it to the libraries listed below

• theevilbit / macos
  ☆31Updated 8 months ago
• mellow-hype / santa-linux
  A proof-of-concept Linux clone of Santa, Google's binary authorization system for macOS
  ☆30Updated 2 years ago
• ald3ns / XPR-dump
  Helper scripts to automate the extraction of YARA rules from XProtectRemediators
  ☆18Updated 11 months ago
• knightsc / XProtect
  macOS XProtect definition files
  ☆40Updated 2 years ago
• 0xbf00 / macos-sandbox-coverage
  Tools to measure an app's App Sandbox usage
  ☆24Updated 4 years ago
• ydkhatri / macOS_FE
  Tools for macOS Forensic Bootable media
  ☆15Updated 4 years ago
• stek29 / touchbar_overflow
  ☆14Updated 6 years ago
• xorrior / goesf
  Golang command line tool for the macOS Endpoint Security Framework
  ☆29Updated 5 years ago
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated 3 months ago
• buzzer-re / whoexec
  Discover which process execute a hunted binary inside macOS
  ☆24Updated 3 years ago
• wbowling / hopper-radare2
  Grab functions from radare2
  ☆10Updated 7 years ago
• knightsc / Tracer
  macOS application that makes use of the EndpointSecurity framework
  ☆19Updated 5 years ago
• vivami / grey_fox
  The grey fox
  ☆25Updated 8 years ago
• objective-see / TAOMM
  The Art of Mac Malware
  ☆38Updated last month
• slyd0g / SwiftInMemoryLoading
  Swift implementation of in-memory Mach-O loading on macOS
  ☆61Updated 2 years ago
• knightsc / CVE
  A collection of CVE POC code
  ☆11Updated 5 years ago
• oherrala / xipology
  ☆18Updated last year
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆28Updated 2 years ago
• mandiant / macOS-tools
  ☆42Updated 7 years ago
• runZeroInc / excrypto
  excrypto offers specialized versions of the Go crypto, TLS, x509, and SSH packages designed for security research.
  ☆11Updated this week
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆48Updated last year
• Impalabs / applevisor
  Rust bindings fo the Apple Silicon Hypervisor.framework
  ☆32Updated 4 months ago
• polyverse / EnVisen
  ROP gadget finder and analysis in pure Javascript
  ☆29Updated 2 years ago
• gdbinit / MachOPlugin
  IDA plugin to Display Mach-O headers
  ☆20Updated 13 years ago
• osirislab / ugo-ghidra
  ☆21Updated 5 years ago
• trailofbits / anselm
  Detect patterns of bad behavior in function calls
  ☆25Updated 4 years ago
• becojo / asmbot
  Slack bot to assemble and disassemble using Capstone and Keystone
  ☆11Updated 5 years ago
• xorrior / xpcutil
  Golang Tool to interact with Launchd and other services with XPC
  ☆29Updated 4 years ago
• slyd0g / SwiftParseTCC
  Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
  ☆38Updated 3 years ago