objective-see/Malware external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

objective-see/Malware

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/objective-see/Malware)

Close

objective-see / MalwareView on GitHubMore

• External links
• Readme badge

macOS Malware Collection

☆711Jun 3, 2026Updated last week

Alternatives and similar repositories for Malware

Users that are interested in Malware are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• objective-see / OverSight

  View on GitHub
  OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webca…
  ☆663Sep 24, 2024Updated last year
• objective-see / TAOMM

  View on GitHub
  The Art of Mac Malware
  ☆73May 28, 2026Updated 2 weeks ago
• objective-see / DNSMonitor

  View on GitHub
  A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework
  ☆217Aug 20, 2024Updated last year
• objective-see / DylibHijackScanner

  View on GitHub
  Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.
  ☆122Oct 11, 2025Updated 8 months ago
• Brandon7CC / mac-monitor

  View on GitHub
  "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.
  ☆1,344Apr 7, 2026Updated 2 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• objective-see / RansomWhere

  View on GitHub
  Generic ransomware detector
  ☆125Apr 1, 2026Updated 2 months ago
• objective-see / ProcessMonitor

  View on GitHub
  Process Monitor Library (based on Apple's new Endpoint Security Framework)
  ☆500Oct 20, 2023Updated 2 years ago
• xpn / DyldDeNeuralyzer

  View on GitHub
  ☆135Apr 25, 2023Updated 3 years ago
• objective-see / TaskExplorer

  View on GitHub
  Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …
  ☆140Apr 30, 2025Updated last year
• jamf / aftermath

  View on GitHub
  Aftermath is a free macOS IR framework
  ☆583Sep 25, 2025Updated 8 months ago
• PhorionTech / Kronos

  View on GitHub
  Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…
  ☆82Nov 21, 2023Updated 2 years ago
• objective-see / Netiquette

  View on GitHub
  Network Monitor
  ☆378Oct 5, 2024Updated last year
• infosecB / LOOBins

  View on GitHub
  Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…
  ☆540Jun 4, 2026Updated last week
• objective-see / BlockBlock

  View on GitHub
  BlockBlock provides continual protection by monitoring persistence locations.
  ☆813Updated this week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• xorrior / goesf

  View on GitHub
  Golang command line tool for the macOS Endpoint Security Framework
  ☆29Nov 25, 2019Updated 6 years ago
• 0xRedpoll / SignalKeyBOF

  View on GitHub
  BOF to decrypt Signal Desktop chat logs
  ☆70Feb 20, 2025Updated last year
• mandiant / macos-UnifiedLogs

  View on GitHub
  A cross platform parser for Apple UnifiedLogs!
  ☆359Updated this week
• outflanknl / macho-loader

  View on GitHub
  Position-independent Reflective Loader for macOS
  ☆127Feb 19, 2026Updated 3 months ago
• rad9800 / RansomFS

  View on GitHub
  ☆31Feb 28, 2025Updated last year
• kohnakagawa / cidre-vm

  View on GitHub
  Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware
  ☆38Feb 24, 2026Updated 3 months ago
• objective-see / KnockKnock

  View on GitHub
  Like AutoRuns ...but for macOS!
  ☆743Dec 18, 2025Updated 5 months ago
• Xacone / BestEdrOfTheMarket

  View on GitHub
  EDR Lab for Experimentation Purposes
  ☆1,453Updated this week
• theevilbit / macos

  View on GitHub
  ☆34Jun 12, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• netero1010 / EDRSilencer

  View on GitHub
  A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …
  ☆1,864Nov 3, 2024Updated last year
• Cracked5pider / unguard-eat

  View on GitHub
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆42Aug 6, 2024Updated last year
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆16Jun 18, 2022Updated 3 years ago
• ald3ns / copy-as-yara

  View on GitHub
  This is a little plugin to copy disassembly in a way that is usable in YARA rules!
  ☆48Apr 14, 2025Updated last year
• gatariee / gocheck

  View on GitHub
  Because AV evasion should be easy.
  ☆878Nov 28, 2024Updated last year
• objective-see / KextViewr

  View on GitHub
  View all modules on that are loaded in the OS kernel
  ☆92Feb 21, 2023Updated 3 years ago
• pstirparo / machofile

  View on GitHub
  machofile is a module to parse Mach-O binary files
  ☆96Feb 10, 2026Updated 4 months ago
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆277Jun 10, 2024Updated 2 years ago
• slyd0g / ObjCShellcodeLoader

  View on GitHub
  macOS shellcode loader written in Objective-C
  ☆48Jul 15, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• thiagomayllart / Blender

  View on GitHub
  This repository contains the technique presented at SOCON2025 for stealing cookies silently from MacOS Sequoia with only root privileges
  ☆12Mar 27, 2025Updated last year
• dobin / avred

  View on GitHub
  Analyse your malware to surgically obfuscate it
  ☆535Dec 17, 2025Updated 5 months ago
• gergelykalman / CVE-2023-32364-macos-app-sandbox-escape

  View on GitHub
  Exploit for CVE-2023-32364
  ☆23Sep 26, 2023Updated 2 years ago
• Helixo32 / CrimsonEDR

  View on GitHub
  Simulate the behavior of AV/EDR for malware development training.
  ☆566Feb 15, 2024Updated 2 years ago
• mbog14 / CVE-2024-44193

  View on GitHub
  Hacking Windows through iTunes  - Local Privilege Escalation 0-day
  ☆98Oct 4, 2024Updated last year
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆129Jan 7, 2024Updated 2 years ago
• daem0nc0re / macOS_ARM64_Shellcode

  View on GitHub
  ARM64 macOS assembly program for null-byte free shellcode
  ☆108Jun 8, 2025Updated last year