Pinned Loading

1. apple-script-malware-collection apple-script-malware-collection Public

   AppleScript 12 1

2. Mac_EFI_Bootkit Mac_EFI_Bootkit Public

   EFI bootkit for macOS. Includes UEFI payload builder, FAT32 ESP injector, VM test support, and DXE implant simulation.

   Python 4

3. macOS-rootkit macOS-rootkit Public

   Modular macOS rootkit development scaffold inspired by “You Can’t See Me” – includes DKOM, launchd unlinking, KEXT injection, and stealth tools for research and education.

   C 2

4. GhostRoot GhostRoot Public

   GhostRoot is a modular macOS rootkit framework for pre-SIP systems (≤10.14), featuring DKOM-based process hiding, kernel memory access, launchd job unlinking, and privilege escalation for stealth a…

   C 3

5. SpectreRoot SpectreRoot Public

   Modular macOS rootkit framework (C++/ObjC++) for research on DKOM, privilege escalation, KEXT loading, and stealth tactics on pre-SIP systems.

   C++ 3