MacOS bug bounty

If you have ever been intrigued by how iTunes and Xcode communicate with devices and moreover how non Apple code like libimobiledevice is…

Encountering Apple devices during RedTeam engagements is becoming increasingly common, so it's useful to have a few techniques available when navigating around whatever privacy or security changes are introduced with each version of MacOS. When MacOS Mojave rolled out at the end of 2018, a set of privacy restrictions were introduced to alert a user when an application requested access to sensitive data, such as the camera, microphone, address book, calendar etc.. And as (more often than not) o

I write random stuff.

feedback assistant race condition, leads to root

TimeMachine root command injection

Parrot Dev Platform

✍️ A curated list of CVE PoCs. Contribute to qazbnm456/awesome-cve-poc development by creating an account on GitHub.

Posted by Ian Beer, Project Zero Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report se...

Apple introduced a mitigation against the use of task ports in exploits. In this post we examine the mitigation, find a loophole, and develop a new code inje...

This is a quick writeup on something I experimented with recently, runtime function hooking in C. The basic idea of hooking a function is to replace the func...

I was recently reviewing the MITRE ATT&CK™ knowledge base and came across the page on process injection techniques for privilege escalation. For those that are not aware of what the MITRE ATT&CK™ knowledge base is, it’s a group of documents and definitions that cover common adversary tactics and techniques. The macOS and Linux sections for process injection were lumped together and not very detailed. In some cases it seemed like the information wasn’t even accurate for macOS. This article covers common process injection techniques that apply to macOS.