A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Detect common classes of XPC exploits

A simple macOS system monitor.

iOS and macOS Decompiler

CellGuard is a research project that analyzes how cellular networks are operated and possibly surveilled

A list of Free Software network services and web applications which can be hosted on your own servers

Swift-based fuzzing tools

Mapping the MITRE ATT&CK Matrix with Osquery

Also known by Microsoft as Knifecoat 🌶️

List of Awesome macOS Red Teaming Resources.

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

Please no pull requests for this repository. Thanks!

A repo to support the book

Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.

A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.

Collection of macOS persistence methods and miscellaneous tools in JXA

JXA script to allow programmatic persistence via macOS Calendar.app alerts.

👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

UAC bypass, Elevate, Persistence methods

A collaborative, multi-platform, red teaming framework

Jupuyter Notebooks For Learning OSQuery

A Python library to help with some common threat hunting data analysis operations

A curated list of Awesome Threat Intelligence resources

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.