Defense Evasion
27 binaries with this tactic
caffeinate
Prevent the system from sleeping on behalf of a utility.
chflags
Changes file or directory flags
codesign
Create, manipulate and verify code signatures.
csrutil
Configure or view system security policies.
defaults
Read, write, and delete user preference values.
ditto
Copy files and directories while preserving file attributes and permissions.
log
Access system log messages from Apple Unified Logging (AUL).
mdfind
Locate files using the Spotlight database.
mdls
List metadata attributes for the specified file.
mktemp
Create a temporary file or directory and return the file/directory name to stdout
notifyutil
Monitor and post Darwin notifications for inter-process communication and system event monitoring.
nscurl
Download, upload, and read files.
osascript
Execute AppleScripts and other OSA language scripts and commands.
pkill
Kill processes by name or pattern.
plutil
Read, create or edit plist files.
say
Convert text to audible speech.
security
Interact with Keychain, macOS's built-in password manager.
SetFile
Set attributes of files and directories.
sfltool
Binary to manage the Shared File List framework.
spctl
Manage the security assessment policy subsystem, Gatekeeper settings, and control which apps are allowed to run on the system.
ssh-keygen
Load unsigned dynamic libraries into the ssh-keygen binary.
swift
Arbitrarily execute swift code from the terminal.
tccutil
Command-line tool for managing the Transparency, Consent, and Control (TCC) permissions database
textutil
Manipulate text files in various formats.
tftp
Trivial File Transfer Protocol client and server utilities.
tmutil
Manage Time Machine backups.
xattr
Display and manipulate extended attributes.