A collection of projects demonstrating various commandline cloaking techniques on Linux
☆61 · Aug 4, 2022 · Updated 3 years ago
Alternatives and similar repositories for commandline_cloaking
Users that are interested in commandline_cloaking are comparing it to the libraries listed below.
- ☆18 · Sep 10, 2021 · Updated 4 years ago
- A CLI tool for leveraging IDP signing keys to impersonate users and groups ☆19 · Apr 1, 2021 · Updated 5 years ago
- JXA script for Mythic that prints the TCC.db ☆15 · Apr 18, 2021 · Updated 5 years ago
- Spins up a docker container with several useful tools for offensive security in macOS/cloud environments. Also installs the needed depend… ☆18 · Nov 3, 2021 · Updated 4 years ago
- Catalog Red Team techniques that cause popups in various macOS versions ☆16 · Nov 18, 2024 · Updated last year
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format ☆40 · Jul 27, 2021 · Updated 4 years ago
- Discover which process execute a hunted binary inside macOS ☆29 · Dec 15, 2021 · Updated 4 years ago
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is… ☆17 · Jan 31, 2021 · Updated 5 years ago
- Swift code to run a dylib on disk ☆16 · May 9, 2022 · Updated 4 years ago
- Collection of Slides From My Conference Talks ☆21 · Nov 21, 2022 · Updated 3 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load ☆22 · Aug 26, 2020 · Updated 5 years ago
- Execute MachO binaries in memory using CGo ☆80 · May 24, 2021 · Updated 5 years ago
- Provides an easy way to collect and send Slack access & integration logs. ☆13 · Oct 19, 2021 · Updated 4 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree. ☆14 · Jan 28, 2022 · Updated 4 years ago
- Rules Shared by the Community from 100 Days of YARA 2023 - ☆18 · Apr 10, 2023 · Updated 3 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma… ☆16 · Dec 3, 2020 · Updated 5 years ago
- go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems ☆14 · Sep 28, 2023 · Updated 2 years ago
- Turning Your Computer Into a GPS Tracker With Apple Maps ☆18 · Feb 6, 2024 · Updated 2 years ago
- Swift code to programmatically perform dylib injection ☆53 · Oct 29, 2022 · Updated 3 years ago
- #️⃣ 🕸️ 👤 HTTP Headers Hashing ☆12 · Aug 27, 2023 · Updated 2 years ago
- Various utilities useful for developers writing BPF tools ☆32 · Mar 22, 2026 · Updated 2 months ago
- Payload designed for targeting Jamf enrolled devices. ☆40 · May 19, 2023 · Updated 3 years ago
- a collection of profiles for macOS designed for penetration testing or red teaming ☆37 · Apr 15, 2019 · Updated 7 years ago
- Research of modifying exported function names at runtime (C/C++, Windows) ☆18 · May 28, 2024 · Updated 2 years ago
- An Ubuntu 18.04 box for Mythic C2 framework development ☆17 · Jun 17, 2022 · Updated 3 years ago
- Mimic is a eBPF virtual machine and emulator which runs in userspace ☆30 · May 28, 2022 · Updated 4 years ago
- Playing with PE's and Building Structures by Hand ☆22 · Apr 21, 2022 · Updated 4 years ago
- JXA and swift code that can perform some macOS situational awareness without generating TCC prompts. ☆40 · Apr 20, 2022 · Updated 4 years ago
- A file system events notifier based on eBPF ☆74 · Dec 5, 2025 · Updated 6 months ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts. ☆44 · Oct 31, 2020 · Updated 5 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp ☆14 · Mar 11, 2022 · Updated 4 years ago
- https://wojciechregula.blog/post/macos-red-teaming-get-ad-credentials-from-nomad/ ☆43 · Mar 4, 2022 · Updated 4 years ago
- CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) ☆18 · Dec 5, 2021 · Updated 4 years ago
- Linux Kernel Runtime Integrity with eBPF ☆186 · Nov 23, 2023 · Updated 2 years ago
- Shell wrapper with keylogger (local log or syslog) ☆13 · Nov 1, 2017 · Updated 8 years ago
- POC for a basic C2 server using the python aiohttp framework ☆15 · Mar 22, 2020 · Updated 6 years ago
- Objective-C runtime library wrapper for Nim ☆19 · Jun 7, 2017 · Updated 9 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines ☆154 · Feb 16, 2022 · Updated 4 years ago
- Simple stacking window manager for X11 ☆11 · Aug 26, 2020 · Updated 5 years ago