wowsignal-io / pedro
Pipeline EDR Observer - A lightweight, open source EDR for Linux
☆15 Updated last week
Alternatives and similar repositories for pedro
Users that are interested in pedro are comparing it to the libraries listed below
- Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism… ☆75 Updated last year
- Mapping XProtect's obfuscated malware family names to common industry names. ☆86 Updated last year
- A cross platform parser for Apple UnifiedLogs! ☆281 Updated last week
- machofile is a module to parse Mach-O binary files ☆89 Updated 2 months ago
- Generate Volatility3 profiles from BTF. ☆29 Updated 10 months ago
- A binary and file access authorization system for macOS. ☆407 Updated this week
- Aftermath is a free macOS IR framework ☆544 Updated 3 weeks ago
- A command line tool for pstree-like output on macOS with additional pid capturing capabilities ☆264 Updated last year
- A tool to run and validate telemetry for Atomic Red Team tests ☆15 Updated last year
- ☆28 Updated last year
- Aftermath is a free macOS incident response framework ☆33 Updated 3 weeks ago
- A serverless sync server for Santa, built on AWS ☆102 Updated 4 months ago
- Scripts (python3 and Swift) for macOS to recursively check /Applications and also check /usr/local/bin, /usr/bin, and /usr/sbin for binar… ☆97 Updated 3 years ago
- A ruleset to find potentially malicious code in macOS malware samples ☆40 Updated 2 years ago
- The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access… ☆75 Updated last week
- Rust Bindings for Endpoint Security ☆31 Updated last week
- ELEGANTBOUNCER is a detection tool for file-based mobile exploits. ☆155 Updated last month
- macOS Endpoint Security Message Analysis Tool ☆47 Updated 3 years ago
- A minimal malware analysis sandbox for macOS ☆32 Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them ☆292 Updated 9 months ago
- Parser for macOS/iOS FSEvents Logs ☆38 Updated last year
- ☆52 Updated last year
- An osquery extension for endpoint engineers ☆112 Updated last week
- A parser for Unified logging tracev3 files ☆95 Updated 3 months ago
- ☆15 Updated 3 years ago
- This is a little plugin to copy disassembly in a way that is usable in YARA rules! ☆47 Updated 6 months ago
- A module to expose the Endpoint Security library to Swift ☆20 Updated 6 years ago
- Forensic toolkit for iOS sysdiagnose feature ☆225 Updated last week
- Convert ELF/DWARF symbol and type information into vol3's intermediate JSON ☆136 Updated last year
- Pokes users about outstanding security risks found by CrowdStrike Spotlight or VMware Workspace ONE so they secure their own endpoint. ☆29 Updated this week