-
-
KnockKnock Public
Enumerate persistently installed software
-
OverSight Public
OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webcam.
-
-
LuLu Public
LuLu is the free macOS firewall
-
BlockBlock Public
BlockBlock provides continual protection by monitoring persistence locations.
-
Netiquette Public
Network Monitor
-
DNSMonitor Public
A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework
-
RansomWhere Public
Generic ransomware detector
-
WhatsYourSign Public
WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing information!
-
ProcessMonitor Public
Process Monitor Library (based on Apple's new Endpoint Security Framework)
-
DumpBTM Public
And open-source version of % sfltool dumpbtm
-
DylibHijackScanner Public
Scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked.
-
KextViewr Public
View all modules on that are loaded in the OS kernel
-
FileMonitor Public
File Monitor Library (based on Apple's new Endpoint Security Framework)
-
-
Mach-O Public
A (basic) Mach-O Library
-
AuRevoir Public
View and remove notification messages from Apple's "Notification Database"
-
fromAppStore Public
checks if an application is pristine (untampered) and from the official Mac App Store
-
sniffMK Public
sniff mouse and keyboard events
-
ProcInfoExample Public
example project, utilizing Proc Info library
-
DoNotDisturb Public
Detect Evil Maid Attacks
-
ProcInfo Public
process info/monitoring library for macOS
-
ReiKey Public
Malware and other applications may install persistent keyboard "event taps" to intercept your keystrokes. ReiKey can scan, detect, and monitor for such taps!
-
LockDown Public
Audits and remediates security configuration settings (El Capitan)
-
TaskExplorer Public
Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much more.
-
Ostiarius Public
Blocks unsigned internet binaries from executing (El Capitan)
-
blackhat-arsenal-tools Public
Forked from toolswatch/blackhat-arsenal-toolsOfficial Black Hat Arsenal Security Tools Repository
-