Cedric Owens
MacC2
python-based Mac Command and Control that uses internal API calls instead of command line utilities. Author: Cedric Owens
MacShell
MacShell post exploitation tool designed or blue teams to build macOS detections. Author: Cedric Owens
MacShellSwift
Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedric Owens
Mod_Rewrite_Automation
Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
Mythic-Macro-Generator
Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
Persistent-Swift
A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/PersistentJXA
Spotlight-Enum-Kit
JXA and swift code that can perform some macOS situational awareness without generating TCC prompts.
Swift-Attack
Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.
SwiftBelt
A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
SwiftBelt-JXA
JXA implementation of some SwiftBelt functions. Author: Cedric Owens