Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/macos-hardening/macos-security-and-privilege-escalation/macos-defensive-apps.md
Carlos Polop da6aaca1c2 a
2024-02-08 22:36:15 +01:00

3.8 KiB
Raw Blame History

macOS Defensive Apps

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

Firewalls

  • Little Snitch: It will monitor every connection made by each process. Depending on the mode (silent allow connections, silent deny connection and alert) it will show you an alert every time a new connection is stablished. It also has a very nice GUI to see all this information.
  • LuLu: Objective-See firewall. This is a basic firewall that will alert you for suspicious connections (it has a GUI but it isn't as fancy as the one of Little Snitch).

Persistence detection

  • KnockKnock: Objective-See application that will search in several locations where malware could be persisting (it's a one-shot tool, not a monitoring service).
  • BlockBlock: Like KnockKnock by monitoring processes that generate persistence.

Keyloggers detection

  • ReiKey: Objective-See application to find keyloggers that install keyboard "event taps"

Ransomware detection

  • RansomWhere: Objective-See application to detect file encryption actions.

Mic & Webcam detection

  • OverSight: Objective-See application to detect application that starts using webcam and mic.

Process Injection detection

  • Shield: Applicaiton that detects different process injection techniques.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks: