Apple sandbox guide v0
macOS Internals & Development
Apple sandbox
Mac App Store updates
Understanding and Defending Against Reflective Code Loading on macOS
This blogpost will describe the concept of loading executables in-memory on macOS and how to detect it.
Extract the system libraries on macOS Big Sur
Use autofs on Mac OS X to mount network shares automatically during access
MacOS Security & Privilege Escalation
Privilege Escalation | macOS Malware & The Path to Root Part 2
We continue our look at the role of privilege escalation on macOS from the point of view of malware developers and how they take a different path.
Privilege Escalation | macOS Malware & The Path to Root Part 1 - SentinelLabs
Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?
Linux permissions: SUID, SGID, and sticky bit
Linux permissions are a concept that every user becomes intimately familiar with early on in their development. We need to execute scripts, modify files, and run processes in order to administer systems effectively, but what happens when we see Permission denied? Do you know why we see this message? If you know the cause of the problem, do you know how to implement the solution?
What type of hash is a Mac's password stored in?
On OS X 10.11 - I have opened up my user's .plist file, and have looked inside of the file.
I did this with the following command:
sudo defaults read /var/db/dslocal/nodes/Default/users/
Detecting objective-C malware through memory forensics
Major advances in memory forensics in the past decade now allow investigators to efficiently detect and analyze many types of sophisticated kernel-lev…
feross/SpoofMAC
Change your MAC address for debugging.
erikng/get_platform.py (forked from pudquick/get_platform.py), created 4 years ago
Get Mac's serial number and hardware UUID via Python - get_platform.py
BlueM/cliclick
macOS CLI tool for emulating mouse and keyboard events
Revisiting Mac OS X Kernel Rootkits
Phrack staff website.
Modern Objective-C Exploitation Techniques
The Objective-C Runtime: Understanding and Abusing
Where X=swift
// import a module import Foundation // Single-line comments are prefixed with // // Multi-line comments start with /* and end with */ /* Nested multiline comments /* ARE */ allowed */ // Xcode suppor…
Where X=Objective-C
// Single-line comments start with // /* Multi-line comments look like this */ // XCode supports pragma mark directive that improve jump bar readability #pragma mark Navigation Functions // New tag on…