{"id":28668,"date":"2023-03-30T12:51:43","date_gmt":"2023-03-30T12:51:43","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=28668"},"modified":"2023-03-30T12:51:44","modified_gmt":"2023-03-30T12:51:44","slug":"macosthreattrack","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/","title":{"rendered":"MacOSThreatTrack : Bash Tool Used For Proactive Detection Of Malicious Activity On macOS Systems"},"content":{"rendered":"\n<p><strong>MacOSThreatTrack <\/strong>is a Bash tool used for proactive detection of malicious activity on macOS systems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The tool is being tested in the beta phase, and it only gathers macOS system information at this time.<\/h2>\n\n\n\n<p><strong>The code is poorly organized and requires significant improvements.<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Description<\/h2>\n\n\n\n<p>Bash tool used for proactive detection of malicious activity on macOS systems.<\/p>\n\n\n\n<p>I was inspired by <a href=\"https:\/\/github.com\/richiercyrus\/Venator-Swift\">Venator-Swift<\/a> and decided to create a bash version of the tool.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">OneLiner command<\/h2>\n\n\n\n<pre class=\"wp-block-preformatted has-background\" style=\"background-color:#f4f4f4\"><strong>curl https:\/\/raw.githubusercontent.com\/ab2pentest\/MacOSThreatTrack\/main\/MacOSThreatTrack.sh | bash<\/strong><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Gathered information<\/h2>\n\n\n\n<pre class=\"wp-block-code has-background\" 
style=\"background-color:#f4f4f4\"><code><strong>&#091;+] System info\n&#091;+] Users list\n&#091;+] Environment variables\n&#091;+] Process list\n&#091;+] Active network connections\n&#091;+] SIP status\n&#091;+] GateKeeper status\n&#091;+] Zsh history\n&#091;+] Bash history\n&#091;+] Shell startup scripts\n&#091;+] PF rules\n&#091;+] Periodic scripts\n&#091;+] CronJobs list\n&#091;+] LaunchDaemons data\n&#091;+] Kernel extensions\n&#091;+] Installed applications\n&#091;+] Installation history\n&#091;+] Chrome extensions\n<\/strong><\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Todo<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Saving output as JSON instead of printing out the result<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button aligncenter\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/github.com\/ab2pentest\/MacOSThreatTrack\" target=\"_blank\" rel=\"noreferrer noopener\">Click Here To Download<\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. The tool is being tested in the beta phase, and it only gathers macOS system information at this time. The code is poorly organized and requires significant improvements. 
Description Bash tool used for proactive detection of malicious activity on macOS [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28678,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[5967,1966,5966],"class_list":["post-28668","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-bash-tool","tag-macos","tag-macos-threattrack"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>MacOSThreatTrack : Bash Tool Used For Proactive Detection<\/title>\n<meta name=\"description\" content=\"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. it only gathers MacOS system information\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MacOSThreatTrack : Bash Tool Used For Proactive Detection\" \/>\n<meta property=\"og:description\" content=\"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. 
it only gathers MacOS system information\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-30T12:51:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-30T12:51:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"MacOSThreatTrack : Bash Tool Used For Proactive Detection Of Malicious Activity On macOS Systems\",\"datePublished\":\"2023-03-30T12:51:43+00:00\",\"dateModified\":\"2023-03-30T12:51:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\"},\"wordCount\":103,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\",\"keywords\":[\"Bash tool\",\"MacOS\",\"MacOS ThreatTrack\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\",\"name\":\"MacOSThreatTrack : Bash Tool Used For Proactive 
Detection\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\",\"datePublished\":\"2023-03-30T12:51:43+00:00\",\"dateModified\":\"2023-03-30T12:51:44+00:00\",\"description\":\"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. it only gathers MacOS system information\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux 
Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"MacOSThreatTrack : Bash Tool Used For Proactive Detection","description":"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. it only gathers MacOS system information","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/","og_locale":"en_US","og_type":"article","og_title":"MacOSThreatTrack : Bash Tool Used For Proactive Detection","og_description":"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. it only gathers MacOS system information","og_url":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-03-30T12:51:43+00:00","article_modified_time":"2023-03-30T12:51:44+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"MacOSThreatTrack : Bash Tool Used For Proactive Detection Of Malicious Activity On macOS Systems","datePublished":"2023-03-30T12:51:43+00:00","dateModified":"2023-03-30T12:51:44+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/"},"wordCount":103,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","keywords":["Bash tool","MacOS","MacOS ThreatTrack"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/","url":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/","name":"MacOSThreatTrack : Bash Tool Used For Proactive 
Detection","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","datePublished":"2023-03-30T12:51:43+00:00","dateModified":"2023-03-30T12:51:44+00:00","description":"MacOSThreatTrack is a Bash tool used for proactive detection of malicious activity on macOS systems. it only gathers MacOS system information","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/macosthreattrack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/macosthreattrack\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux 
Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R 
K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg5OMnF5_ffjwDsy3zWQn7WidYufHHwT1HE30FBdFPAsZLe1RBUi42u2CNZ8vzEbgZ-IamGNEgmMHw0ZdMc0L2Ve5wjHcSuMAEVhaIqL0SZGGsXxI49T-G6a2vchS1ELHe5WxuNY_oomHwwnQRJOhqfypqc0gnB7_YJnveAKo542MoJpKIOuQyq9Jgz\/s16000\/mac_malware.jpg","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":37240,"url":"https:\/\/kalilinuxtutorials.com\/ipatool\/","url_meta":{"origin":28668,"position":0},"title":"IPATool : A Comprehensive Guide To Managing iOS Apps","author":"Varshini","date":"March 24, 2025","format":false,"excerpt":"IPATool is a versatile command-line utility designed to facilitate the search, download, and management of iOS app packages (ipa files) from the App Store. It supports various operating systems, including Windows, Linux, and macOS, making it accessible to a wide range of users. This article will delve into the functionality\u2026","rel":"","context":"In &quot;Hacking Tools&quot;","block_context":{"text":"Hacking Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/hacking-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/IPATool-.webp?resize=1400%2C800&ssl=1 
4x"},"classes":[]},{"id":11680,"url":"https:\/\/kalilinuxtutorials.com\/swiftbelt\/","url_meta":{"origin":28668,"position":1},"title":"SwiftBelt : A macOS Enumeration Tool Inspired By Harmjoy&#8217;S Windows","author":"R K","date":"October 21, 2020","format":false,"excerpt":"SwiftBelt is a macOS enumerator inspired by @harmjoy's Windows-based Seatbelt enumeration tool. SwiftBelt does not utilize any command line utilities and instead uses Swift code (leveraging the Cocoa Framework, Foundation libraries, OSAKit libraries, etc.) to perform system enumeration. This can be leveraged on the offensive side to perform enumeration once\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":35075,"url":"https:\/\/kalilinuxtutorials.com\/osquery\/","url_meta":{"origin":28668,"position":2},"title":"Mastering OSQuery: SQL-Powered Endpoint Monitoring","author":"Rajashekar Yasani","date":"June 8, 2017","format":false,"excerpt":"OSQuery is an open-source tool developed by Facebook that allows you to use SQL queries to monitor and manage your operating systems. It transforms your operating system into a relational database, enabling you to query various system properties and configurations using SQL syntax. 
This guide provides a comprehensive overview of\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"osquery","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=1050%2C600&ssl=1 3x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiSzM5H76qE6tIqqBGl-Aloinv5bpRd01DplDir4DmMT6wayOSFW8pfIBXGch6hrhtmnOC2R6QpwkxeN91heOwiiNyCCV5mWWBTGEO2ULPeVlSwqzX1ubckNvqjWEiKFnLu-2vdD9LUm0IPeZP9QPRusJrk09ZZLm5igaZw54Lgd_91qFn55xFZlQruPQGD\/s16000\/OSQuery.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":37055,"url":"https:\/\/kalilinuxtutorials.com\/rec2\/","url_meta":{"origin":28668,"position":3},"title":"REC2 : Rusty External Command And Control Tool","author":"Varshini","date":"March 13, 2025","format":false,"excerpt":"REC2, short for Rusty External Command and Control, is a sophisticated Command and Control (C2) framework developed in the Rust programming language. Designed for advanced operational use, REC2 enables remote management of implants (clients) across macOS, Linux, and Windows platforms. This tool leverages external APIs like VirusTotal and Mastodon to\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/REC2-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":13931,"url":"https:\/\/kalilinuxtutorials.com\/swift-attack\/","url_meta":{"origin":28668,"position":4},"title":"Swift-Attack : Unit Tests For Blue 
Teams To Aid With Building Detections For Some Common macOS Post Exploitation Methods","author":"R K","date":"June 30, 2021","format":false,"excerpt":"Swift-Attack is a unit tests for blue teams to aid with building detections for some common macOS post exploitation methods. I have included some post exploitation examples using both command line history and on disk binaries (which should be easier for detection) as well as post exploitation examples using API\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5543,"url":"https:\/\/kalilinuxtutorials.com\/leviathan\/","url_meta":{"origin":28668,"position":5},"title":"Leviathan : Wide Range Mass Audit Toolkit","author":"R K","date":"June 28, 2019","format":false,"excerpt":"Leviathan is a mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. It consists open source tools such masscan, ncrack, dsss and gives you the flexibility of using them with a combination. 
The main goal of this project is auditing\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28668","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=28668"}],"version-history":[{"count":7,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28668\/revisions"}],"predecessor-version":[{"id":28757,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28668\/revisions\/28757"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/28678"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=28668"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=28668"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=28668"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}