1
Knockknock
A free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware.
Knockknock
A free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware.
Data verified Jun 2026
ADYour product here. Reach security decision-makers.Launch a campaignKnockknock Description
KnockKnock is a free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware. It scans known locations where persistent software or malware may be installed, and provides detailed information about each item, including its hash, size, plist, and signed status. KnockKnock also integrates with VirusTotal to retrieve information about the files and allows users to submit unknown files for analysis. The tool provides a user-friendly interface to display the results, with options to filter out signed Apple and whitelisted items, and to save the findings as a JSON file. KnockKnock can also be run via the command line, allowing for programmatic deployment and execution. Overall, KnockKnock is a valuable tool for macOS users to detect and analyze persistently installed software and potential malware on their systems.
Knockknock FAQ
Common questions about Knockknock including features, pricing, alternatives, and user reviews.
Knockknock is A free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware. It is a Security Operations solution designed to help security teams with File Analysis, Mac Os.
Knockknock is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://objective-see.com/products/knockknock.html for download and installation instructions.
Popular alternatives to Knockknock include:
1.Managed Agentic Threat Hunting - Managed Agentic Threat Hunting Service (IOC sweeps and hypothesis based hunting) (Commercial)
2.Fenrir Simple Bash IOC Scanner - A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation. (Free)
3.plast - Modular Threat Hunting Tool & Framework (Free)
4.Splunk Attack Data Repository - Curated datasets for developing and testing detections in SIEM installations. (Free)
5.Osquery - Open-source tool for monitoring macOS hosts with detailed system activity insights. (Free)
Compare all Knockknock alternatives at https://cybersectools.com/alternatives/knockknock
Knockknock is for security teams and organizations that need File Analysis, Mac Os. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations
Have more questions? Browse our categories or search for specific tools.
