Alternatives and similar repositories for Awesome-macOS-Red-Teaming

Users that are interested in Awesome-macOS-Red-Teaming are comparing it to the libraries listed below

• D00MFist / Mystikal

  View on GitHub
  macOS Initial Access Payload Generator
  ☆322Jan 10, 2024Updated 2 years ago
• hotnops / mythic-sync

  View on GitHub
  A tool to sync mythic events with ghostwriter oplog.
  ☆14Nov 21, 2024Updated last year
• its-a-feature / dylibHijackScanner

  View on GitHub
  Objective C dylibHijackScanner and analysis tool
  ☆38Jul 12, 2023Updated 2 years ago
• its-a-feature / offensive_macos

  View on GitHub
  Tracking of offensive macOS tooling, blogs, and related helpful information
  ☆192Nov 18, 2024Updated last year
• D00MFist / PersistentJXA

  View on GitHub
  Collection of macOS persistence methods and miscellaneous tools in JXA
  ☆286Aug 3, 2023Updated 2 years ago
• its-a-feature / Orchard

  View on GitHub
  JavaScript for Automation (JXA) tool to do Active Directory enumeration.
  ☆105Feb 19, 2022Updated 3 years ago
• cedowens / Dylib_Runner

  View on GitHub
  Swift code to run a dylib on disk
  ☆16May 9, 2022Updated 3 years ago
• 0xmachos / macOS-Security-Research

  View on GitHub
  macOS Security Research
  ☆122Mar 15, 2024Updated last year
• MythicAgents / apfell

  View on GitHub
  JavaScript for Automation (JXA) macOS agent
  ☆90Feb 2, 2026Updated last week
• slyd0g / SwiftLiverpool

  View on GitHub
  Enumerate Location Services using CoreLocation API on macOS
  ☆18Dec 2, 2021Updated 4 years ago
• N7WEra / SharpAllTheThings

  View on GitHub
  The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
  ☆479May 24, 2022Updated 3 years ago
• Aetsu / OffensivePipeline

  View on GitHub
  OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…
  ☆821Oct 27, 2023Updated 2 years ago
• its-a-feature / LockSmith

  View on GitHub
  ObjectiveC CLI tool for interacting with macOS Keychain
  ☆82Oct 10, 2022Updated 3 years ago
• cedowens / JXA-Runner

  View on GitHub
  Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
  ☆23Apr 22, 2021Updated 4 years ago
• its-a-feature / Mythic

  View on GitHub
  A collaborative, multi-platform, red teaming framework
  ☆4,296Updated this week
• klezVirus / CheeseTools

  View on GitHub
  Self-developed tools for Lateral Movement/Code Execution
  ☆720Aug 17, 2021Updated 4 years ago
• infosecB / LOOBins

  View on GitHub
  Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma…
  ☆519Dec 19, 2025Updated last month
• checkymander / Sharp-SMBExec

  View on GitHub
  SMBExec C# module
  ☆219Aug 21, 2020Updated 5 years ago
• cedowens / SwiftBelt

  View on GitHub
  A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
  ☆341Apr 28, 2022Updated 3 years ago
• rootsecdev / Azure-Red-Team

  View on GitHub
  Azure Security Resources and Notes
  ☆1,707Feb 2, 2026Updated last week
• kyleavery / inject-assembly

  View on GitHub
  Inject .NET assemblies into an existing process
  ☆508Jan 19, 2022Updated 4 years ago
• api0cradle / RedTeamScripts

  View on GitHub
  Just some random Red Team Scripts that can be useful
  ☆154Jun 28, 2024Updated last year
• mgeeky / RedWarden

  View on GitHub
  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
  ☆992Oct 7, 2022Updated 3 years ago
• antman1p / PrintTCCdb

  View on GitHub
  JXA script for Mythic that prints the TCC.db
  ☆15Apr 18, 2021Updated 4 years ago
• fastlorenzo / redelk-kibana-app

  View on GitHub
  Kibana app for RedELK
  ☆18Mar 19, 2023Updated 2 years ago
• its-a-feature / macos-popups

  View on GitHub
  Catalog Red Team techniques that cause popups in various macOS versions
  ☆15Nov 18, 2024Updated last year
• Crypt0s / DelegationBOF

  View on GitHub
  ☆142May 4, 2022Updated 3 years ago
• cedowens / Persistent-Swift

  View on GitHub
  A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
  ☆34Apr 15, 2021Updated 4 years ago
• boku7 / BokuLoader

  View on GitHub
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆1,398Nov 22, 2023Updated 2 years ago
• r3ggi / electroniz3r

  View on GitHub
  Take over macOS Electron apps' TCC permissions
  ☆220Aug 12, 2023Updated 2 years ago
• cedowens / Mythic-Macro-Generator

  View on GitHub
  Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
  ☆48Apr 15, 2021Updated 4 years ago
• cedowens / SwiftBelt-JXA

  View on GitHub
  JXA implementation of some SwiftBelt functions. Author: Cedric Owens
  ☆46Jun 22, 2023Updated 2 years ago
• ab2pentest / MacOSThreatTrack

  View on GitHub
  Bash tool used for proactive detection of malicious activity on macOS systems.
  ☆39Sep 29, 2025Updated 4 months ago
• mgeeky / cobalt-arsenal

  View on GitHub
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,098Apr 19, 2023Updated 2 years ago
• fortra / nanodump

  View on GitHub
  The swiss army knife of LSASS dumping
  ☆2,069Sep 17, 2024Updated last year
• OG-Sadpanda / SharpExcelibur

  View on GitHub
  Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly
  ☆90Sep 30, 2024Updated last year
• frozenkp / gdoor

  View on GitHub
  A red team emulation tool deveoped by CyCraft Technology
  ☆25Apr 18, 2024Updated last year
• redskal / SharpAzbelt

  View on GitHub
  .NET port of Leron Gray's azbelt tool.
  ☆26Sep 21, 2023Updated 2 years ago
• med0x2e / ExecuteAssembly

  View on GitHub
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆595Jul 26, 2021Updated 4 years ago