Alternatives and similar repositories for pedro

Users that are interested in pedro are comparing it to the libraries listed below

• mandiant / macos-UnifiedLogs
  A cross platform parser for Apple UnifiedLogs!
  ☆290Updated last month
• PhorionTech / Kronos
  Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…
  ☆76Updated last year
• SentineLabs / XProtect-Malware-Families
  Mapping XProtect's obfuscated malware family names to common industry names.
  ☆89Updated last week
• pstirparo / machofile
  machofile is a module to parse Mach-O binary files
  ☆89Updated 3 months ago
• jamf / aftermath
  Aftermath is a free macOS IR framework
  ☆552Updated last month
• themittenmac / TrueTree
  A command line tool for pstree-like output on macOS with additional pid capturing capabilities
  ☆266Updated last year
• northpolesec / santa
  A binary and file access authorization system for macOS.
  ☆427Updated this week
• secureworks / atomic-harness
  A tool to run and validate telemetry for Atomic Red Team tests
  ☆15Updated last year
• vobst / btf2json
  Generate Volatility3 profiles from BTF.
  ☆29Updated 10 months ago
• cedowens / EntitlementCheck
  Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar…
  ☆97Updated 3 years ago
• SentineLabs / macos-ttps-yara
  A ruleset to find potentially malicious code in macOS malware samples
  ☆41Updated 2 years ago
• vastlimits / esmat
  macOS Endpoint Security Message Analysis Tool
  ☆47Updated 3 years ago
• ydkhatri / UnifiedLogReader
  A parser for Unified logging tracev3 files
  ☆95Updated 3 months ago
• themittenmac / threat-hunting-macos-book
  A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley
  ☆13Updated 3 months ago
• mac4n6 / FSEventsParser
  Parser fo macOS/iOS FSEvents Logs
  ☆38Updated last year
• EC-DIGIT-CSIRC / sysdiagnose
  Forensic toolkit for iOS sysdiagnose feature
  ☆237Updated this week
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆111Updated 5 months ago
• secwest / fast-fwsign
  ☆28Updated last year
• l0psec / arm64_macOS_Syscalls
  ☆54Updated last year
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆34Updated 2 years ago
• msuiche / elegant-bouncer
  ELEGANTBOUNCER is a detection tool for file-based mobile exploits.
  ☆156Updated last month
• HarfangLab / endpoint-sec
  Rust Bindings for Endpoint Security
  ☆32Updated last week
• Houwenda / FSEventsParser-rs
  Yet another fseventsd parser for macOS forensics
  ☆11Updated last year
• ald3ns / copy-as-yara
  This is a little plugin to copy disassembly in a way that is usable in YARA rules!
  ☆47Updated 7 months ago
• google / dfiq
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆294Updated 9 months ago
• stuartjash / aftermath
  Aftermath is a free macOS incident response framework
  ☆34Updated last month
• CiscoCXSecurity / log4j
  Detection rules to look for Log4J usage and exploitation
  ☆18Updated 4 months ago
• facebookincubator / pces
  Persistent Certificate Store (PCeS) is a certificate lifecycle management system written in Go.
  ☆20Updated last week
• runreveal / sigmalite
  ☆51Updated last month
• knightsc / EndpointSecurity
  A module to expose the Endpoint Security library to Swift
  ☆20Updated 6 years ago