objective-see / TAOMM
The Art of Mac Malware
☆41Updated 2 weeks ago
Alternatives and similar repositories for TAOMM:
Users that are interested in TAOMM are comparing it to the libraries listed below
- Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.☆91Updated last year
- A (basic) Mach-O Library☆21Updated 3 years ago
- A library to parse macOS LoginItems☆17Updated 2 years ago
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆30Updated 2 months ago
- A minimal malware analysis sandbox for macOS☆28Updated 2 years ago
- ☆31Updated 9 months ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆39Updated 3 years ago
- View all modules on that are loaded in the OS kernel☆73Updated 2 years ago
- A parsing tool for backgrounditems.btm☆47Updated 7 months ago
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆73Updated last year
- Curated list of tools, techniques and resources related to Apple Security (macOS, iOS, iPadOS, tvOS, watchOS) aimed to help people with a…☆49Updated 3 months ago
- Discover which process execute a hunted binary inside macOS☆24Updated 3 years ago
- macOS Security Research☆115Updated last year
- macOS Endpoint Security Message Analysis Tool☆47Updated 3 years ago
- JavaScript for Automation (JXA) macOS agent☆74Updated last month
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆19Updated last year
- Norimaci is a simple and lightweight malware analysis sandbox for macOS☆69Updated 5 years ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…☆96Updated 2 years ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆84Updated 11 months ago
- Uses Apple's MDM protocol to backdoor a device with a malicious profile.☆52Updated 3 years ago
- machofile is a module to parse Mach-O binary files☆49Updated last year
- Examples of programmatically interacting with ioreg and sysctl to query system info☆10Updated 2 years ago
- Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much …☆95Updated 4 years ago
- Generic ransomware detector☆86Updated last year
- Kass: A security research tool.☆61Updated this week
- Swift Command line tool used for proactive detection of malicious activity on macOS systems.☆68Updated 4 years ago
- ObjectiveC CLI tool for interacting with macOS Keychain☆78Updated 2 years ago
- A Ghidra extension for reverse-engineering macOS binaries.☆18Updated 2 months ago
- This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembl…☆66Updated 4 years ago
- Scripts to secure and harden Mac OS X☆32Updated 3 years ago