macOS Malware Collection
☆636Jan 19, 2026Updated last month
Alternatives and similar repositories for Malware
Users that are interested in Malware are comparing it to the libraries listed below
Sorting:
- The Art of Mac Malware☆65Nov 8, 2025Updated 3 months ago
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆211Aug 20, 2024Updated last year
- Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.☆113Oct 11, 2025Updated 4 months ago
- OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webca…☆643Sep 24, 2024Updated last year
- Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …☆126Apr 30, 2025Updated 10 months ago
- Generic ransomware detector☆98Feb 24, 2026Updated last week
- "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.☆1,265Updated this week
- Process Monitor Library (based on Apple's new Endpoint Security Framework)☆493Oct 20, 2023Updated 2 years ago
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- ☆129Apr 25, 2023Updated 2 years ago
- Aftermath is a free macOS IR framework☆569Sep 25, 2025Updated 5 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Network Monitor☆369Oct 5, 2024Updated last year
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆80Nov 21, 2023Updated 2 years ago
- BlockBlock provides continual protection by monitoring persistence locations.☆749Feb 24, 2026Updated last week
- And open-source version of % sfltool dumpbtm☆146Oct 18, 2023Updated 2 years ago
- A cross platform parser for Apple UnifiedLogs!☆330Feb 15, 2026Updated 2 weeks ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,821Nov 3, 2024Updated last year
- Golang command line tool for the macOS Endpoint Security Framework☆29Nov 25, 2019Updated 6 years ago
- Like AutoRuns ...but for macOS!☆669Dec 18, 2025Updated 2 months ago
- Position-independent Reflective Loader for macOS☆118Feb 19, 2026Updated last week
- EDR Lab for Experimentation Purposes☆1,413Updated this week
- Forensic Artifact Collection Tool for macOS☆118Jul 28, 2025Updated 7 months ago
- View all modules on that are loaded in the OS kernel☆86Feb 21, 2023Updated 3 years ago
- ☆31Feb 28, 2025Updated last year
- A modern 32/64-bit position independent implant template☆1,295Mar 21, 2025Updated 11 months ago
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…☆520Updated this week
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆38Updated this week
- Rust for malware Development is a repository for advanced Red Team techniques and offensive malwares & Ransomwares, focused on Rust 🦀☆3,311Feb 17, 2026Updated last week
- ☆33Jun 12, 2024Updated last year
- ☆17Sep 29, 2023Updated 2 years ago
- Analyse your malware to surgically obfuscate it☆519Dec 17, 2025Updated 2 months ago
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆568Jan 20, 2026Updated last month
- Because AV evasion should be easy.☆859Nov 28, 2024Updated last year
- Blocks unsigned internet binaries from executing (El Capitan)☆10Feb 1, 2021Updated 5 years ago
- Extracted Yara rules from Windows Defender mpavbase and mpasbase☆496Dec 22, 2025Updated 2 months ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated last year