SecVF is a native macOS suite for malware analysis, network forensics, and incident response. Hardware-enforced VM isolation via Apple's Virtualization framework. An in-process L2/L3 software switch writes every frame straight into a tshark pipeline. Ephemeral macOS guests clone in sub-millisecond time via APFS copy-on-write. Open source. Auditable. Yours.
There are good VM apps, and there are good network analyzers. SecVF is a single native binary that's serious at both — and adds primitives the other tools don't have.
Generalist VM apps. They run guests well; they don't ship a packet pipeline, a router-VM workflow, or a DTrace/ESF-instrumented agent sandbox. SecVF treats malware-grade analysis as the first-class use case — not just "make a guest boot."
Closed-source, kernel-extension-based, Intel-DNA. You can't audit them, you can't extend them, and on Apple Silicon they run a translation shim. SecVF is pure Swift on the official Apple framework. No KEXT. No translation. You can read every line.
Cuckoo is Linux-host, Windows-guest, Python 2-era. Any.Run is a SaaS — your sample leaves your machine. SecVF runs locally, offline, with native macOS guests for AI agents and any Linux/Windows guest for malware. Nothing leaves the host.
Those are guest distributions — bags of tools you boot inside a VM. Useful, but you still need a host platform around them. SecVF is the host platform: VM lifecycle, virtual switch, capture, telemetry, forensics-friendly storage. Bring REMnux as a guest on top.
Every layer is on the official Apple stack. No KEXTs. No System Extensions for the core. No kernel patches.
The same framework Apple uses for their own engineering builds. We use VZVirtualMachineConfiguration with explicit VZGenericPlatformConfiguration for Linux and VZMacPlatformConfiguration for macOS, VZEFIBootLoader for guests, and VZMacOSBootLoader for restored macOS guests.
VZVirtioNetworkDeviceConfiguration + custom VZBridgedNetworkDeviceAttachment for the switchVZVirtioFileSystemDeviceConfiguration for opt-in workspace shares (off by default)VZVirtioSocketDeviceConfiguration for the AI sandbox vsock channelVZLinuxRosettaUnifiedCacheDirectoryShare on Apple Silicon for x86_64 binaries inside Linux guestsPure Swift L2/L3 software switch implemented as a Combine-driven actor. No kernel extension, no vmnet, no priv helper. Every Ethernet frame on the bus is routed in user space, MAC-learned, and mirrored to the capture sink as it forwards.
// VirtualNetworkSwitch.swift
let switch = VirtualNetworkSwitch.shared
let port = switch.attach(vm: kaliRouter) // L2 port assignment
switch.macTable.learn(mac: …, port: port) // standard switch
switch.frames.sink { frame in PacketCapture.feed(frame) }PassthroughSubject<EthernetFrame, Never> — multiple subscribers, lossless backpressureSecVF spawns tshark headless against a FIFO populated by the switch tap. Output is parsed live as -T ek JSON; the UI presents Wireshark-style display filters straight from the source language.
tcp.port == 443 && ip.addr == 10.0.100.5 — real Wireshark grammarA canonical macOS guest is provisioned once. Each session spawns by APFS-cloning the base bundle (cheap copy-on-write — disk doesn't grow until the session writes). Boot, run a command over VZVirtioSocketDevice:2222, destroy.
let session = try await AISandboxVMSession.cloneBase() // ~0 ms via APFS CoW
try await session.boot()
let result = try await session.run("clang --version") // vsock 2222 RPC
try await session.destroy() // bundle wipedA @MainActor observer that watches filesystem deltas, process events, and resource pressure for each running VM. Events are typed and severity-graded; everything lands in ~/.avf/logs/security-YYYY-MM-DD.log.
INFO → WARNING → CRITICAL → EMERGENCYSecVFError typed enum with LocalizedError recovery suggestions, mirrored into error-audit.logEvery distro download is verified against a SHA-256 pulled from the upstream's signed checksum file. macOS IPSWs only come from *.cdn-apple.com over TLS 1.2+, with an explicit hostname allowlist. Anything else is rejected before a single byte hits disk.
~/.avf/ISOCache/, dedup by SHA-256, audit-loggedFour network modes per VM. Pick the right one and the malware never leaves the lab.
Default for dev work. Apple's framework provides DHCP and outbound NAT. Guest is invisible to the LAN. Cheap, works without configuration.
Air-gapped lab. Guests on the same software switch, no uplink. Useful for testing inter-VM behaviour with zero internet exposure.
Kali Linux gateway. Static 10.0.100.1/24, iptables NAT, DHCP, tcpdump/tshark/nmap pre-installed. Helper commands: secvf-status, secvf-monitor, secvf-capture. Every byte traverses an instrumented gateway.
Router VM with all DNS sinkholed and HTTP/HTTPS/FTP/SMTP/IRC responders running. Malware contacts its C2 — and gets plausible-looking responses from the router. Full behavioural capture without phoning home.
Measured on M2 Pro, 32 GB. Your guest distro and capture profile will move these around.
Be explicit about what we defend against, and what we don't.
~/.avf/logs/.Read the full Security model for assumption-by-assumption detail.
SecVF is in active development. Downloads aren't available yet — these are the three distribution paths planned for the first public release. Star the repo or watch releases to be notified.
Free · MIT · Developer ID notarized
~/.avf/Will publish at github.com/DaxxSec/SecVF/releases once the first stable build is ready. Subscribe to the repo's releases to get notified.
Free · MIT · with detection stack
siem/ directory — Loki + Promtail + Grafana + Suricata + YARASIEM Edition config preview is browsable in the repo today (siem/). See the SIEM wiki for what it does and the Containment Breakout guide for what to do when alerts fire.
$6.99 · sandboxed build
Same MIT-licensed code base, packaged for sandbox compliance. Pricing is a donation tier — buy if you want auto-updates and want to fund the project.
brew install wiresharkSecVF is in active development. The code is open, the docs are live, and the first release is coming. Star the repo to be there when it ships.