macOS Endpoint Security Message Analysis Tool
☆47Jan 31, 2022Updated 4 years ago
Alternatives and similar repositories for esmat
Users that are interested in esmat are comparing it to the libraries listed below
Sorting:
- Useless tools for exploring Virtualization.framework☆25Jun 14, 2021Updated 4 years ago
- macOS application that makes use of the EndpointSecurity framework☆19Aug 1, 2019Updated 6 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- ☆15Jun 2, 2015Updated 10 years ago
- ☆11Jun 5, 2024Updated last year
- Dry::CLI Command to generate a completion script for bash/zsh☆12May 28, 2025Updated 9 months ago
- Use Ghidra Structs in Python☆30Mar 28, 2021Updated 4 years ago
- ESF modular ingestion tool for development and research.☆38Dec 21, 2021Updated 4 years ago
- C++ library for com.apple.network.statistics kernel events on MacOS/OS X/Darwin☆22Feb 3, 2021Updated 5 years ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities☆276Aug 23, 2024Updated last year
- tlsplayback is a set of Proof of Concepts (PoC) showing real-world replay attacks against TLS 1.3 libraries and browsers by exploiting 0-…☆16Aug 11, 2018Updated 7 years ago
- Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedri…☆124Dec 27, 2020Updated 5 years ago
- Dotfiles and scripts to configure macOS the way I like it. Caveat emptor 😉🔥☆37Updated this week
- Shell script for Mac OS X which changes the library prefix for a series of shared libraries in a folder or a single executable.☆21Jun 14, 2013Updated 12 years ago
- A cross platform parser for Apple UnifiedLogs!☆334Mar 8, 2026Updated 2 weeks ago
- Description of Apple's LEAP ISA☆16Nov 21, 2022Updated 3 years ago
- APFS parser written in pure Go☆79Feb 23, 2026Updated 3 weeks ago
- A ruleset to find potentially malicious code in macOS malware samples☆41Aug 29, 2023Updated 2 years ago
- Small binja plugin to import header file to types☆18Nov 11, 2022Updated 3 years ago
- This is a complete Xcode project of the Endpoint Security Demo gist: https://gist.github.com/Omar-Ikram/8e6721d8e83a3da69b31d4c2612a68ba☆20Jan 5, 2025Updated last year
- And open-source version of % sfltool dumpbtm☆147Oct 18, 2023Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- UPDATED: All the action is at https://github.com/xsscx/srd☆13Jul 12, 2021Updated 4 years ago
- Kubernetes-based system for serving ephemeral macOS virtual machines (VMs)☆22Aug 16, 2025Updated 7 months ago
- WebKit/JSC CodeQL Databases☆17Dec 15, 2025Updated 3 months ago
- A user-mode application authorization system for MacOS written in Swift☆300Sep 18, 2020Updated 5 years ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- View all modules on that are loaded in the OS kernel☆87Feb 21, 2023Updated 3 years ago
- IDA Python's idc.py <= 7.3 compatibility module☆21Oct 11, 2019Updated 6 years ago
- Yara syntax highlighting☆25Sep 4, 2021Updated 4 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- A recursive call of OS X's install_name_tool for shared library distributions☆19Nov 4, 2015Updated 10 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Dec 21, 2022Updated 3 years ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Oct 14, 2020Updated 5 years ago
- "The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.☆1,277Updated this week
- CoreFollowUp phishing attack on macOS☆15Mar 15, 2022Updated 4 years ago
- A Go library speaking Hex-Rays IDA lumina protocol☆38Jun 15, 2023Updated 2 years ago
- X-Monitor is an open-source, extensible event monitoring tool for macOS that provides security professionals with the ability to perform …☆19May 1, 2024Updated last year
- A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework☆211Aug 20, 2024Updated last year