Author: @rrcyrus

Major Contributor: @Airzero24

Venator-Swift is a Swift tool that gathers host data for proactive detection on macOS. It supports macOS 10.13 and above. Happy Hunting!

Accompanying blog post: https://posts.specterops.io/introducing-venator-a-macos-tool-for-proactive-detection-34055a017e56

The tool needs root permissions to run, or else you will get the error message below.

Venator-Swift has a number of different features, including the ability to upload host data to an Amazon S3 bucket and to enrich data using VirusTotal.

launchagents
launchdaemons
sip
gatekeeper
cronjobs
apps
bashhistory
zshhistory
loginitems
firefoxExtension
chromeExtension
installhistory
periodicscripts
connections
startupscripts
eventtap
kext

A notarized and signed version of Venator-Swift can be found under Releases. The installation package will place Venator in /usr/local/bin/. Alternatively, you can expand the package with the pkgutil command.
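One way to check the signature and notarization of a downloaded package before expanding it with pkgutil, as an added example that is not part of the Venator project. The function name, exit codes, package path and output directory are assumptions chosen for illustration.

```shell
#!/bin/bash
# Added example: verify an installer package, then expand it without installing.
# Hypothetical helper; the caller supplies the package path and output directory.

verify_and_expand_pkg() {
    local pkg dest
    pkg="$1"
    dest="$2"

    if [ -z "$pkg" ] || [ -z "$dest" ]; then
        echo "usage: verify_and_expand_pkg <package.pkg> <output-dir>" >&2
        return 64
    fi
    if [ ! -f "$pkg" ]; then
        echo "error: package not found: $pkg" >&2
        return 66
    fi
    # pkgutil --expand will not write into a directory that already exists.
    if [ -e "$dest" ]; then
        echo "error: destination already exists: $dest" >&2
        return 73
    fi
    # pkgutil and spctl ship with macOS only.
    if ! command -v pkgutil >/dev/null 2>&1 || ! command -v spctl >/dev/null 2>&1; then
        echo "error: pkgutil/spctl not available (not running on macOS?)" >&2
        return 69
    fi

    # 1. Installer signature: prints the signing status and certificate chain.
    #    Compare the Developer ID shown with the one you expect for the release.
    pkgutil --check-signature "$pkg" || return 1

    # 2. Gatekeeper assessment of the file as an installer package.
    #    The verbose output names the source that accepted or rejected it.
    spctl --assess --type install -vv "$pkg" || return 1

    # 3. Expand the package into $dest so its contents and scripts
    #    can be reviewed before anything is installed.
    pkgutil --expand "$pkg" "$dest" || return 1
    echo "expanded $pkg to $dest"
}
```

Source the file and call `verify_and_expand_pkg <downloaded.pkg> <new-output-dir>`; the function stops at the first check that fails, so a package that is rejected is never expanded.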