richiercyrus / VenatorView external linksLinks
[⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
☆177Jul 1, 2020Updated 5 years ago
Alternatives and similar repositories for Venator
Users that are interested in Venator are comparing it to the libraries listed below
Sorting:
- Swift Command line tool used for proactive detection of malicious activity on macOS systems.☆67Jul 1, 2020Updated 5 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆558Mar 31, 2022Updated 3 years ago
- Apfell Golang macOS/Linux/Windows implant☆90Jul 31, 2021Updated 4 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆36Jun 1, 2023Updated 2 years ago
- A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens☆341Apr 28, 2022Updated 3 years ago
- ☆33Jun 12, 2024Updated last year
- Post-Infection Collection Toolkit☆95Jan 31, 2023Updated 3 years ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆123Dec 27, 2020Updated 5 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆275Aug 23, 2024Updated last year
- Library of traffic redirectors☆26Apr 7, 2020Updated 5 years ago
- macOS persistence tool☆229Feb 9, 2022Updated 4 years ago
- An app to protect against process injection and suspicious file links on macOS☆230May 19, 2021Updated 4 years ago
- monitor macOS for malicious activity☆237Feb 5, 2025Updated last year
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆44Oct 31, 2020Updated 5 years ago
- Collection of macOS persistence methods and miscellaneous tools in JXA☆286Aug 3, 2023Updated 2 years ago
- Apfell POC Chrome Extension Payload☆10Jun 24, 2020Updated 5 years ago
- Parser for OSX/iOS FSEvents Logs☆273Dec 4, 2024Updated last year
- macOS (& ios) Artifact Parsing Tool☆982Feb 6, 2026Updated last week
- ☆16Jul 19, 2017Updated 8 years ago
- Pypykatz agent implemented in .NET☆84Mar 15, 2019Updated 6 years ago
- Golang command line tool for the macOS Endpoint Security Framework☆29Nov 25, 2019Updated 6 years ago
- pollen - A command-line tool for interacting with TheHive☆36Jun 6, 2019Updated 6 years ago
- Python-based cloud node for local use☆11Mar 7, 2018Updated 7 years ago
- A user-mode application authorization system for MacOS written in Swift☆301Sep 18, 2020Updated 5 years ago
- Get Network Extension Status☆50Apr 28, 2023Updated 2 years ago
- Silencing Sysmon via driver unload☆235Oct 13, 2022Updated 3 years ago
- A forensic evidence collection & analysis toolkit for OS X☆1,893Jun 19, 2019Updated 6 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Feb 27, 2025Updated 11 months ago
- Get or remove RunMRU values☆61Dec 11, 2019Updated 6 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆189Feb 10, 2021Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- .NET tool for enumeration processes and dumping memory.☆57Apr 4, 2019Updated 6 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A repository for using osquery for incident detection and response☆881Sep 8, 2025Updated 5 months ago
- Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.☆1,071Jul 22, 2021Updated 4 years ago
- An information security preparedness tool to do adversarial simulation.☆1,142Apr 1, 2019Updated 6 years ago