LaunchAudit App Icon

LaunchAudit

Comprehensive macOS Persistence Auditor

Discover and analyze every application, service, and task configured to run automatically on your Mac. LaunchAudit scans 35 persistence categories across 9 groups, validates code signatures, and scores each item for risk — all from a native macOS dashboard or the command line.

macOS 14+ Universal Binary Open Source MIT License
View on GitHub

Features

Full visibility into what runs on your Mac

35 Persistence Categories

Scans launch daemons and agents, login items, scheduled tasks, extensions, security plugins, and deprecated mechanisms across 9 logical groups.

Signature & Notarization Checks

Validates code signatures and notarization status with up to 12 concurrent verifications, flagging unsigned or third-party software automatically.

Multi-Dimensional Risk Scoring

Each item is rated Informational, Low, Medium, High, or Critical based on signing trust, mechanism severity, execution context, location, and temporal signals.

Native Dashboard

Interactive summary cards and charts, sidebar navigation grouped by category, a detail inspector for full metadata, and keyboard shortcuts for scan and export.

First-Class CLI

Headless scan mode for terminals and scripts, with filters for category, group, risk level, and signing status. Quiet mode emits key=value output for automation.

JSON, CSV, and HTML Reports

Export full-fidelity JSON for tooling, CSV for spreadsheets, or self-contained styled HTML reports to share with your team.

Dashboard

Browse, filter, and inspect every persistence item at a glance

LaunchAudit dashboard showing persistence items, summary charts, and risk breakdown

Command-Line Examples

Run audits from your terminal or CI pipeline

# Run a full scan

$ launchaudit scan

# Show only unsigned items

$ launchaudit scan --unsigned-only

# Filter by minimum risk level

$ launchaudit scan --min-risk high

# Export a self-contained HTML report

$ launchaudit scan -o report.html

# Machine-readable output for scripting

$ launchaudit scan --quiet

Installation

Three ways to get started

Direct Download

Grab the latest signed and notarized build from the GitHub Releases page.

Homebrew Cask

brew install --cask launchaudit

Build from Source

Use XcodeGen with the included project.yml. Requires Xcode 16 and Swift 5.9.

Architecture

Modular, testable, and built for macOS

LaunchAudit

The main app, providing both the native macOS dashboard and the command-line interface in a single universal binary.

LaunchAuditKit

The core scanning framework — 35 individual scanners, the risk analyzer, and export handlers for JSON, CSV, and HTML.

LaunchAuditHelper

A privileged XPC helper for scanning system-level locations that require elevated access.

LaunchAuditTests

A unit test suite covering scanners, risk scoring, and export formats to keep audits dependable as macOS evolves.

See What’s Running on Your Mac

LaunchAudit is free, open source, and released under the MIT License.

View on GitHub