trailofbits / sinter
A user-mode application authorization system for MacOS written in Swift
☆301Updated 4 years ago
Related projects: ⓘ
- Process Monitor Library (based on Apple's new Endpoint Security Framework)☆422Updated 10 months ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆236Updated 3 weeks ago
- An app to protect against process injection and suspicious file links on macOS☆217Updated 3 years ago
- Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.☆1,009Updated 3 years ago
- Every OS X/ macOS white paper☆114Updated 4 years ago
- process info/monitoring library for macOS☆413Updated 3 years ago
- File Monitor Library (based on Apple's new Endpoint Security Framework)☆320Updated last year
- A simple auditing utility for macOS☆280Updated 3 years ago
- WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing informatio…☆270Updated 7 months ago
- Bash script to audit and fix macOS Catalina (10.15.x) security settings☆225Updated 3 years ago
- [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.☆174Updated 4 years ago
- A serverless sync server for Santa, built on AWS☆80Updated 5 months ago
- Moroz is a Santa server☆130Updated 6 months ago
- BlockBlock provides continual protection by monitoring persistence locations.☆629Updated this week
- And open-source version of % sfltool dumpbtm☆111Updated 11 months ago
- A utility to sniff preferences changes to macOS plist files☆242Updated 8 months ago
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…☆68Updated 9 months ago
- Various scripts for macOS tasks☆114Updated 4 months ago
- Detect Evil Maid Attacks☆291Updated 3 years ago
- Malware and other applications may install persistent keyboard "event taps" to intercept your keystrokes. ReiKey can scan, detect, and mo…☆325Updated 3 years ago
- List of legitimate macOS apps doing not great things☆35Updated 2 years ago
- Mapping XProtect's obfuscated malware family names to common industry names.☆82Updated 4 months ago
- Tools to explore the XPC interface of Apple's T2 chip☆157Updated 5 years ago
- Secure example of an XPC helper written in Swift☆99Updated 4 years ago
- monitor macOS for malicious activity☆230Updated 5 years ago
- View and remove notification messages from Apple's "Notification Database"☆100Updated 3 years ago
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆162Updated 3 weeks ago
- ☆147Updated last year
- Apple Content Cache Reverse Engineering☆123Updated last year
- An osquery extension for endpoint engineers☆96Updated last week