trailofbits/sinter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trailofbits/sinter)

trailofbits / sinter

A user-mode application authorization system for MacOS written in Swift

☆300

Alternatives and similar repositories for sinter

Users that are interested in sinter are comparing it to the libraries listed below

Sorting:

SuprHackerSteve / Crescendo
View on GitHub
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.
☆1,071Jul 22, 2021Updated 4 years ago
theevilbit / Shield
View on GitHub
An app to protect against process injection and suspicious file links on macOS
☆228May 19, 2021Updated 4 years ago
antman1p / JXA_Proc_Tree
View on GitHub
A JXA script for enumerating running processes, printed out in a json, parent-child tree.
☆14Jan 28, 2022Updated 4 years ago
cedowens / SwiftBelt-JXA
View on GitHub
JXA implementation of some SwiftBelt functions. Author: Cedric Owens
☆46Jun 22, 2023Updated 2 years ago
objective-see / ProcessMonitor
View on GitHub
Process Monitor Library (based on Apple's new Endpoint Security Framework)
☆494Oct 20, 2023Updated 2 years ago
xorrior / goesf
View on GitHub
Golang command line tool for the macOS Endpoint Security Framework
☆29Nov 25, 2019Updated 6 years ago
xorrior / macOSTools
View on GitHub
macOS Offensive Tools
☆270Sep 28, 2023Updated 2 years ago
richiercyrus / Venator
View on GitHub
[⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
☆177Jul 1, 2020Updated 5 years ago
google / upvote_py2
View on GitHub
A multi-platform binary whitelisting solution
☆450Sep 29, 2021Updated 4 years ago
antman1p / PrintTCCdb
View on GitHub
JXA script for Mythic that prints the TCC.db
☆15Apr 18, 2021Updated 4 years ago
0xmachos / apps-behaving-badly
View on GitHub
List of legitimate macOS apps doing not great things
☆35Feb 11, 2022Updated 4 years ago
buzzer-re / whoexec
View on GitHub
Discover which process execute a hunted binary inside macOS
☆27Dec 15, 2021Updated 4 years ago
melomac / lsunregister
View on GitHub
CLI to batch deregister applications in macOS LaunchServices database
☆22May 18, 2017Updated 8 years ago
waderobson / gcs-auth
View on GitHub
Secure your munki repo in Google Cloud Storage
☆25Nov 21, 2022Updated 3 years ago
themittenmac / TrueTree
View on GitHub
A command line tool for pstree-like output on macOS with additional pid capturing capabilities
☆276Aug 23, 2024Updated last year
vastlimits / esmat
View on GitHub
macOS Endpoint Security Message Analysis Tool
☆47Jan 31, 2022Updated 4 years ago
knightsc / EndpointSecurity
View on GitHub
A module to expose the Endpoint Security library to Swift
☆20Jul 10, 2019Updated 6 years ago
google / restor
View on GitHub
Restor is a user-friendly application to (mass) image macOS computers from a single source
☆225Jan 31, 2020Updated 6 years ago
google / santa
View on GitHub
A binary authorization and monitoring system for macOS
☆4,514Feb 5, 2025Updated last year
airbnb / rudolph
View on GitHub
A serverless sync server for Santa, built on AWS
☆106Jun 13, 2025Updated 9 months ago
usnistgov / macos_security
View on GitHub
macOS Security Compliance Project
☆2,273Mar 11, 2026Updated last week
theevilbit / macos
View on GitHub
☆33Jun 12, 2024Updated last year
slyd0g / SwiftInMemoryLoading
View on GitHub
Swift implementation of in-memory Mach-O loading on macOS
☆68Jul 19, 2022Updated 3 years ago
groob / moroz
View on GitHub
Moroz is a Santa server
☆145May 19, 2025Updated 10 months ago
joshua-d-miller / macOSLAPS-Legacy
View on GitHub
A python script that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows. If …
☆57Jun 14, 2017Updated 8 years ago
JayBrown / macOS-Security-Updates
View on GitHub
Notifies the user when macOS Security components like Gatekeeper and XProtect have been updated
☆61Mar 12, 2021Updated 5 years ago
droe / xnumon
View on GitHub
monitor macOS for malicious activity
☆237Feb 5, 2025Updated last year
cedowens / JXA-Runner
View on GitHub
Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.
☆23Apr 22, 2021Updated 4 years ago
knightsc / Tracer
View on GitHub
macOS application that makes use of the EndpointSecurity framework
☆19Aug 1, 2019Updated 6 years ago
cedowens / Inject_Dylib
View on GitHub
Swift code to programmatically perform dylib injection
☆52Oct 29, 2022Updated 3 years ago
matteyeux / binja-import-header
View on GitHub
Small binja plugin to import header file to types
☆18Nov 11, 2022Updated 3 years ago
cedowens / SwiftBelt
View on GitHub
A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
☆341Apr 28, 2022Updated 3 years ago
its-a-feature / LockSmith
View on GitHub
ObjectiveC CLI tool for interacting with macOS Keychain
☆82Oct 10, 2022Updated 3 years ago
square / fde-rekey
View on GitHub
fde-rekey is a tool used to rotate/generate a macOS filevault2 personal recovery key without user interaction.
☆32Sep 25, 2017Updated 8 years ago
groob / mackit
View on GitHub
☆22Feb 24, 2018Updated 8 years ago
trailofbits / osquery-extensions
View on GitHub
osquery extensions by Trail of Bits
☆269Apr 12, 2023Updated 2 years ago
cedowens / Persistent-Swift
View on GitHub
A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
☆34Apr 15, 2021Updated 4 years ago
erikng / gnes
View on GitHub
Get Network Extension Status
☆50Apr 28, 2023Updated 2 years ago
blacktop / darwin-webkit-build
View on GitHub
WebKit/JSC CodeQL Databases
☆17Dec 15, 2025Updated 3 months ago