gwen001 / offsectools_www

A vast collection of security tools and resources curated by the community.
https://offsec.tools
180 stars 23 forks source link

[addtool] LOOBins #1291

Closed piyush-security closed 1 year ago

piyush-security commented 1 year ago

[link] https://github.com/infosecB/LOOBins [/link]

[link] https://loobins.io/ [/link]

[tags] binaries, scripts, resources [/tags]

[short_descr] Living Off the Orchard: macOS Binaries (LOOBins) [/short_descr]

[long_descr] Living Off the Orchard: macOS Binaries (LOOBins) is a resource designed to provide detailed information on various built-in macOS binaries and how they can be used by threat actors for malicious purposes. The goal of this website is to serve as a one-stop resource for cybersecurity professionals and researchers attempting to understand and defend against the potential risks associated with each binary.

This website contains a working list of "living off the land" macOS binaries that can be leveraged for malicious purposes to achieve tactics such as command execution, privilege escalation, persistence, and data exfiltration. By outlining the functions and potential misuse of each binary, this resource aims to raise awareness about the growing threat landscape in the macOS ecosystem.

Each LOOBin is categorized into MITRE ATT&CK tactics and various tags, allowing users to easily navigate and locate information on the macOS LOOBins of interest. Additionally, the resources provides example uses of each binary, recommendations and signatures on how to best detect malicious activity, and links to other third-party resources.

The content contained in each LOOBin can also be programmatically consumed. All LOOBins can be consumed using the JSON API or by using the Python SDK/CLI tool, PyLOOBins.

[/long_descr]

[image] image [/image]

gwen001 commented 1 year ago

Problem occured with the following fields:

Check the guidelines or use the template created for that purpose.

gwen001 commented 1 year ago

Issue correctly handled, tool is waiting for human validation.

gwen001 commented 1 year ago

Tool has been accepted by the team: https://offsec.tools/tool/loobins

Thank you for your contribution!