LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes. (by infosecB)
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules. (by Bert-JanP)
| | LOOBins | Hunting-Queries-Detection-Rules |
|---|---|---|
| Mentions | 2 | 7 |
| Stars | 389 | 1,011 |
| Growth | - | - |
| Activity | 8.3 | 9.3 |
| Latest commit | 14 days ago | 3 days ago |
| Language | Python | Python |
| License | GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
LOOBins
Posts with mentions or reviews of LOOBins. We have used some of these posts to build our list of alternatives and similar projects.
- LOOBins
  > I'm excited to announce the release of Living Off the Orchard: macOS Binaries (LOOBins)!
  > LOOBins is a resource designed to help cybersecurity professionals and researchers understand and defend against the potential risks associated with binaries built into macOS.
  > https://loobins.io
- LOOBins: Living Off the Orchard: macOS Binaries and Scripts
Hunting-Queries-Detection-Rules
Posts with mentions or reviews of Hunting-Queries-Detection-Rules. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-12-11.
- Advanced Hunting queries every admin should use
- Hunting Query into a Detection rule
- MS Sentinel Analytics & KQL
- Analytical rules
- MDE Repointing Frequency
- Least occurrence in MDE
  > This will be the query that you are looking for. I do have a lot more queries if you are interested: https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules
- Must have analytic rules
What are some alternatives?
When comparing LOOBins and Hunting-Queries-Detection-Rules you can also consider the following projects:
recon365 - Gather information from an email address connected to Office 365
Microsoft-365-Defender-Hunting-Queries - Sample queries for Advanced hunting in Microsoft 365 Defender
gitlab-watchman - Finding exposed secrets and personal data in GitLab
chatgpt-raycast - ChatGPT raycast extension
MurMurHash - This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
kusto-queries - example queries for learning the kusto language