papers.put.as

A collection of papers and presentation slides related to Mac OS X, iOS, and Firmware.

Mac OS X

2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016

2003

Dynamically Overriding Mac OS X

by Jonathan Rentzsch
at N/A
type paper
hash c64fe59fc7dd7c30b8b4a379ac691c58d5b1c8f213d03e9d162bd8be3fe4c323

A Debugger with Gui in OS X

by Ivan Krizsan
at N/A
type thesis
hash 183c67089ffc3282e66f6aca23b3a70459bd85d1488808eb38c1eea3e00db796

top

2004

Practical Mac OS X Insecurity

by Angelo Laub
at CCC
type slides
hash 039ce00494ca033973d5c934dc1f8fc4c7d3a8a111797aae993e8f3af44f6f37

top

2005

MacOS Kernel Insecurity

by Ilja van Sprundel & Christian Klein
at N/A
type slides
hash 3841f97e8f088f4b0373b78148c79dd65233e705867a1276bea32776ccdc6b96

Infecting the Mach-O Object Format

by Nemo
at N/A
type slides
hash 4fcd6992827fa19b982ba4f92e386ec2d51c9cc40dada4b4c41c14d3e2dec1e8

Hacking Mac OS X Kernel for unsupported machines

by Ryan Rempel
at N/A
type paper
hash 56a628a4f53c48b5c90a7f4eb031d52a529edb27a02f7ae8fb08ef88c14b184b

FireWire: All your memory are belong to us

by Michael Becher & Maximillian Dornseif & Christian N. Klein
at CanSecWest
type slides
hash 8783068585b92ee08b2f94de00583cdda4948578421a75ea0ca76dd0e600be81

Everything You Always Wanted To Know About MIG But Were Afraid to Ask

by Richard P. Draves
at N/A
type slides
hash bb3d118905008489652fcb81c8d34a4331c31ae3859c5a385e311287bc1e2b52

top

2006

Breaking Mac OS X

by Nemo & Ilja van Sprundel
at N/A
type slides
hash ce92eb21c9021b8101e8922b32086eba29dba6efa38b8f5b6f778c4c4d39a04e

Abusing Mach on Mac OS X

by Nemo
at N/A
type paper
hash e161878968e46a4fc93d9ca523ba2ef407c02dbb947e95d616fe230731647556

Hit by a Bus: Physical Access Attacks with Firewire

by Adam Boileau
at Ruxcon
type slides
hash 7aa79055ea588de8d12db8bf7b2c165f74f7ac75dbccb804c299adaa07bc0d7c

Hardware Virtualization Rootkits

by Dino Dai Zovi
at BlackHat
type slides
hash a1cd1aaeb9815d6dcac87705ccf09f0f8f7701791bfb71b3dc76dc92d98c9419

Discovering Mac OS X Weaknesses

by Jay Beale
at Def Con
type slides
hash 072f71c8b0fca8290fe96472ce4aeb0ce4a298f539d8cf8a3f7c4fe971755270

top

2007

Hacking Leopard

by Charlie Miller & Jake Honoroff
at N/A
type paper
hash 5999269c67c3b676368a07048518a3f0ee05bb9e88cc5360c7f06132932becbe

Inside the Mac OS X Kernel

by Lucy
at CCC
type paper
hash 2afd67943cb3f49a48de17b7a4221f78cb21646a7e71a3030a374a6ad40573ae

Mac OS X FileSystems

by Singh
at N/A
type slides
hash 44320fea2a8c24028cb50d00e1b475183370cc6fd4028a635766601ffa25688e

top

2008

Hacking OS X

by Charlie Miller
at BlackHat Japan
type slides
hash c2c514e3484014a467715ce91e983588134b64be3842c64615d66f871b55dd64

Dtrace The Reverse Engineer’s Unexpected Swiss Army Knife

by Tiller Beauchamp & David Weston
at BlackHat
type paper
hash 968e7ac92d1f5d154cc3f91794a6fb1b8e8e6e0ea781452fa6204c52a857407a

iRK – Crafting OS X Kernel Rootkits

by Jesse D’Aguanno
at BlackHat
type slides
hash 8f8a97f7c2e5530eaeffa08a256f9ca366229d85984f4c7a93f01f857ec80270

RETrace – Applied Reverse Engineering on OS X

by Tiller Beauchamp & David Weston
at Def Con
type slides
hash 108654f1e4f5e60d608041242c4f6425c41986cb2ec125df724c282129ccfa29

Under the iHood

by Cameron Hotchkies
at ReCon
type slides
hash 2548ea139d2cfb97af2210d2c5f49e8e1ba35bf16b9151d3e85eb96b45548f57

Covering the tracks on Mac OS X Leopard

by Charles Scott
at N/A
type paper
hash b51f03196a1da4459633c94909e6bcb94fd944ff684712abd597fe4624681a53

OS X Rootkits – the next level

by Alfredo Pesoli
at LaCon
type slides
hash f126b723af77a8b5664baf20608e498109953df5bbd35033b7dc6deeaac33835

How the Leopard hides his spots

by The Gruqq
at Hack in the Box KL
type slides
hash a37eef86f2524a5abbfeaa241f5d5b8d6e4292a0f9d2dad3f2c05b950e1ab445

top

2009

Advanced Mac OS X Rootkits

by Dino Dai Zovi
at N/A
type paper
hash 428bbe81b69e4874104fd171dfc35f2fe995582ba25fc929b22cf32d9baf0743

Advanced Mac OS X Rootkits

by Dino Dai Zovi
at N/A
type slides
hash d468cac39b7abbc9e6809e09716d8dd45f74483b8f489a9c5d111795df12f08d

Runtime Kernel Patching on OS X

by Bosse Eriksson
at Def Con
type slides
hash 43d75e9022f1a13308a8adbf267659afa18933077b1f7b3dd61a64240618868b

Mac OS Xploitation

by Dino Dai Zovi
at HITB
type slides
hash d1e61cce17b508a4692c8ecf230828af877b14ab9b71a3921cdeb6a758d33155

Dynamic Tracing for Exploitation and Fuzzing

by Tiller Beauchamp & David Weston
at Shakacon
type slides
hash 9527aa73738bf76241404970fbcdf0f6821513c47e455bc1a75980fcebe9359f

Mac OS X Malware Analysis

by Joel Yonts
at N/A
type paper
hash 55f9227bc933ada620ab84c3f17ad141c5572c7a59bcf5f464cb0e948d9625eb

Objective-C Internals

by André Pang
at N/A
type slides
hash 27963eff21e9f5d793a31e65eead085209c22f3cd08935fc1f6e083de7daf920

Hacking Macs for Fun and Profit

by Dino Dai Zovi & Charlie Miller
at CanSecWest
type slides
hash b4509f8c216f0b0cad50c449795d49a12083659ca715895ef5afd8f88c1411b5

Mac OS Xploitation

by Dino Dai Zovi
at Source
type slides
hash 79c174d6ed0267cea14997c4e0bf7b233cd18d1fbf7b2c4cc42df0d249e12edc

Debugging Cocoa with DTrace

by Colin Wheeler
at N/A
type paper
hash 3b4d314aaaa4d9123b660c7fc956bee67b5c9ac37d36623903477dcf3af21165

Let your Mach-O fly

by Vincenzo Iozzo
at BlackHat DC
type slides
hash

Dynamically Overriding Mac OS X – Down the Rabbit Hole

by Jonathan Rentzsch
at N/A
type slides
hash e78e7040e028f6c956e5891a9f3c5163c0e89a07b3dc510e74441fa8ccc4467b

Encryption Wrapper on OSX

by Unknown
at N/A
type slides
hash be87812e729e1b1b360b7ad0506719a92d950db37669f63f9823c01570000cab

top

2010

Function hooking for OSX and Linux

by Joe Damato
at N/A
type slides
hash 7d248225c661536d85cc45fef34c444e2e4e437b9dd8b97e809e00cda5b9535f

Mac Os X Hacking Snow Leopard edition

by Charlie Miller
at N/A
type slides
hash 554f1810c140e4d1c5d539ce2b69615bcc6d62373715f79f6013b9bdb4167b29

Advanced Mac OS X Physical Memory Analysis

by Matthieu Suiche
at BlackHat DC
type slides
hash c3490def9144f64ab06827859365ad101d42f85cb8b0ef0f64354a5d3117a089

Advanced Mac OS X Physical Memory Analysis

by Matthieu Suiche
at BlackHat DC
type paper
hash 4123e6127ad80d0bd537f666be4134d7ced03583820670357fdad223b1752aec

Post exploitation techniques on OSX and Iphone

by Vincenzo Iozzo
at EUSecWest
type slides
hash dcbb98040fd404b94c2e22fcdedb95d59b8ef1172bd1717c0d1b93883277e3d9

Programacion de rootkits en Mac OS X

by Fernando López Hernández
at N/A
type paper
hash fb242b3fb850b11f26ecd1062c384c79d7426506c6795957ec430b15cefd285c

Hacking at Mach speed

by Dino Dai Zovi
at N/A
type slides
hash b4190a7b684203045fd55351a8f5171fe6ad251147b08be139667b32f2ed735a

Mac OS X Return Oriented Exploitation

by Dino Dai Zovi
at N/A
type slides
hash 19ca2cbcf7b4943a27a7f03b9ce620d7508991b28ac5b7807e506bfb5123c3db

Having Fun with Apples IOKit

by Ilja van Sprundel
at N/A
type slides
hash f430a772300a7d924f8fde0a2e9232aa2f2642dd11d178cfb20a658f1253dd77

Mach-O Fun

by Michael Feiri
at CocoaHeads
type slides
hash 0c8740f5cc4f30d6e53936c7b8baf60230bf8441004dc59aef9c67584c861855

top

2011

Defiling Mac OS X Kernel Rootkits

by Snare
at Ruxcon
type slides
hash 456b270a40299c07b202d45fdcbd33abcae5a43f597b77e388495795b94a5e50

Hacking at Mach2

by Dino Dai Zovi
at N/A
type slides
hash 35280938db10e8a30d802d64908a3038ed7ec6598d847c3733c5011a7dd14260

The Apple Sandbox

by Dionysus Blazakis
at BlackHat DC
type paper
hash 4b12ed7217d147b36d6a69d146012e0ea5cc9535c5ec00bb1b99260f6585095f

The Apple Sandbox

by Dionysus Blazakis
at BlackHat DC
type slides
hash 0e411a122eb12ddb7c5575c50ef6e0f0a99476aa98522ee0a4c1bce5bc78691e

Battery Firmware Hacking

by Charlie Miller
at N/A
type paper
hash 751025b53e646b56f9ac4a18d1ef37e4d59e98cefc97ab6c6a69b22d5ecd2628

Macs in the Age of APT

by iSEC Partners
at BlackHat
type slides
hash abe56f0b2644b165a6403613d260200b0a91098e22657f3f26bed8ca893eaab5

Protecting the core – Kernel Exploitation mitigations

by Patroklos Argyroudis & Dimitris Glynos
at BlackHat EU
type slides
hash 696fa702bbb6ba9d152abb56d367afaa5c08d4f674e120586836c3a21bfe06bc

Protecting the core – Kernel Exploitation mitigations

by Patroklos Argyroudis & Dimitris Glynos
at BlackHat EU
type paper
hash f75609bc5f9baff8f51841f42f976274145fcf686db2d982eeab4f2c77ad0d55

Mac OS Lion Forensic Memory Acquisition Using IEEE 1394

by Todd Garrison
at
type paper
hash 921bd956acde1b402f3b89f1131bd5749d06c5630d8fdaf6517ee6e0b47d6131

Mach Shellcodes and Injectable OS X Rootkits

by Jesse D'Aguanno
at Recon
type slides
hash 8b2e26d1a8ae76f67cb8266753c2f7065da0ae5a079380ae6ab880545a8d6856

top

2012

Syscan12 – DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS

by Snare
at SyScan Singapore
type slides
hash ec2529a1ad164ecf64da8973ee7d7d82b2d93b25bdaa072dee1176ee78c27d5e

Ruxcon – DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS

by Snare
at Ruxcon
type slides
hash 405471295c956a1f879a4111932cf122f44a9b9dc3e478bb25ffec733e491df1

Hack Mac OS X – Tips and tricks for Mac OS X hack

by sud0man
at GSDays
type slides
hash 00ee964e0174562cba00a8a41951533587c94de7139e8db93d6bbb37b23e604d

How to re-engineer OSX to behave the way you want

by Stephen Sykes
at CodeBits
type slides
hash 7fc1fb5cb5918d303dd270bdf60cf288d685cf10ea747e5bb444b7cf3446fa94

Mac Memory Analysis with Volatility

by Andrew Case
at DFIR Summit
type slides
hash 32548e463fa97daad9ad4e3b85cc56f78b81325abded131482178c30867a2075

OS/X Flashback

by ESET
at N/A
type paper
hash 43503a19825cb10ba3865c645754969ea459dcd4663c51c53df9e41d5d3a4671

When Macs Get Hacked

by Sarah Edwards
at DFIR Summit
type slides
hash d609b76504e7a34d093e5217940c1f8a82d4c570cca678435653ba46a93e4ac3

Analysis & Correlation of Mac Logs

by Sarah Edwards
at DFIR Summit
type slides
hash df70e821a541dd519ab94539ae61f15f11ce35968707e63d47158e4e710197a5

Infiltrate the Vault – Security Analysis and Decryption of Lion Full Disk Encryption

by Omar Choudary & Felix Grobert & Joachim Metz
at N/A
type paper
hash b590f488f1de36e120254ac1af9d0914ad2848e9fb50af4d7a681d8e093f37c3

FORENSIC MEMORY ANALYSIS FOR APPLE OS X

by Andrew F. Hay
at N/A
type thesis
hash 5ca26a51bd2bfe07ca063bab3289175fda056f4fa4543fc32a13781a73c60e52

EFI Rootkits

by Andreas Galauner
at SIGINT
type slides
hash c372005b2b0f65b2aea85dae1ca674a5096df2188037efac6500791525d65dc8

DE MYSTERIIS DOM JOBSIVS Mac EFI Rootkits

by Snare
at BlackHat
type paper
hash 02f78fb79b713c325d16152607ad54bc280b66dd3078a592974b6daadbf9cd96

DE MYSTERIIS DOM JOBSIVS Mac EFI Rootkits

by Snare
at BlackHat
type slides
hash 2fe2ab333b7a36b0e10fed675d686ebd5544bee7cc7a9c22bf7c06d67015eb82

FLASHBACK OS X MALWARE

by Broderick Ian Aquilino
at VB
type paper
hash 05ff29920c23830771079098fee66d1ed57cf514be6362c61ea1131cda04b192

FLASHBACK OS X MALWARE

by Broderick Ian Aquilino
at VB
type slides
hash 2a9848771d28e12579df1b61b66c618d7b78d0e5d98b65a4b0af095976c8c8fb

Backdoor.Flashback (Russian)

by Dr Web
at N/A
type slides
hash fe06e7340872cb8e008efdc4980bc03387fdea1b83d5b2149661182c91a3379f

Mac OS X Malware Overview (Russian)

by Ivan Sorokin
at ZeroNights
type slides
hash 000384f992c0e620458954487ba415ed0bff66ba6fca1a349363962601cd7768

XNU: A security evaluation

by Daan Keuper
at N/A
type thesis
hash 945e293c760785912788dbffd75d78c61e9cecb998a8a3b908408da20d51b622

Past and Future in OS X Malware

by fG! & noar
at HiTCON
type slides
hash fc2e8135fe7e7fe5ad6d3db726fb8f2985e712429e9ae37eabd46528a9fd6c52

Playing with OS X - How to start your Apple reverse engineering adventure

by fG!
at Secuinside
type slides
hash 988adf5a8ae5f35623147bbf873acd364183839dfffbf88a5a771c283ee40358

OS X Malware

by fG! & noar
at Confraria Lisbon
type slides
hash 29809106020e285680b306ad52688c3d4929b990d57371674ebf2e1b07f3d85b

top

2013

Destructive DTrace

by Nemo
at Infiltrate
type slides
hash d7e5dcc4517e699dbee6206e59832175a2a6a2f5c5457f9174915194430ec8c4

Revisiting Mac OS X Kernel Rootkits

by fG!
at SyScan Singapore
type slides
hash 302272d3fb92b937a8bb56687b68a95dd092906fb95efee508fb0b913db3885e

Mountain Lion and iOS Vulnerabilities Garage Sale

by Stefan Esser
at SyScan Singapore
type slides
hash cd29d3dffe947205ae3bebe4d9ea2804b07f7496ff974e72ec8d0f66f4409055

Mountain Lion and iOS Vulnerabilities Garage Sale

by Stefan Esser
at SyScan Singapore
type paper
hash 1705d591ef8ac19f6f7bab601d92c628c312941505a868816be4a2caddf2025e

OS X Hardening – Mountain Lion 10.8

by ERNW
at N/A
type paper
hash 9af4670eaca77e552d97733c56d18607d1e7102b1cc2bb76956d44a56af0e7eb

Ninjas and Harry Potter – “Spell”unking in Apple SMC land

by Alex Ionescu
at NoSuchCon
type slides
hash 297ccbf7023b5db8ecc23e9a781cf53c9056fbad67ab565a538045306c76cec1

OS X Kernel Rootkits

by fG!
at HiTCON
type slides
hash fe797f1663fc8671788f50e5a980ae0940d1d60055128397b57e1bdd8ab51f44

OS X Rootkits 2

by fG!
at SyScan360 Beijing
type slides
hash 6d54a2ada61aba55284978afbfdcd9056ffbdc089a7bd5ee0987568f055f6851

Revisiting Mac OS X Rootkits

by fG!
at NoSuchCon
type slides
hash 41be65b08b86fcf6d44c122336d943d1ac94a9d369888a96d3d00c8f156201aa

OS X Rootkits 2

by fG!
at Bsides Lisbon
type slides
hash d220499724469a1c15bfd3476f203294e498224fa82490e3cb4bfb5ddee1af00

SWGDE Mac OS X Tech Notes

by Scientific Working Group on Digital Evidence
at N/A
type paper
hash 2e3e0c12b4c8c31f9ab4ef97d86d44bba18d5511d416a2822c93c41fff742921

iSee You: Disabling the MacBook Webcam Indicator Led

by Matthew Brocker & Stephen Checkoway
at N/A
type paper
hash 3a2700bebec1a566697c8b350a11459c3eeb201e34ee404271e75298f3838d88

Hunting for OS X rootkits in memory

by Cem Gurkok
at HITB
type slides
hash 9bc82dd2c7bfcb298ba40733a2297fc4865aaa3fd4c177f3dd4cc1f2f3a65c3b

Mining Mach Services within OS X Sandbox

by Meder Kydyraliev
at Ruxcon
type slides
hash d74081cf3366e53bed1fde880eddbcd58672866fbf3a5e44f4d9391fefd44d50

When Macs get hacked

by Sarah Edwards
at N/A
type slides
hash 39168ba9178f0f2de773bdcac6f5e64a6bb2b99379432f9401d4c9441c287fac

Funderbolt - Adventures in Thunderbolt DMA Attacks

by Russ Sevinsky
at BlackHat
type slides
hash bc241d8a47ccf57fd763ca3ee2a6e7775d03aa519c291add223d0dc0d922d1aa

Mach-O Malware Analysis: Combatting Mac OSX/iOS Malware with Data Visualization

by Remy Baumgarten
at Def Con
type paper
hash 5c63eca696272bf25703918a5c3b5559a393c7d5622a394dd8207bdaeca1d676

top

2014

Reverse Engineering Mac Malware

by Sarah Edwards
at BSides NoLa
type slides
hash 47c62a927844cab3559459642b90f3195a07b17fea3989effcd4af396a8a3f02

Methods of Malware Persistence on OS X Mavericks

by Patrick Wardle
at Shakacon
type slides
hash 9135ead4f70d97f8fa4345b2107b32e0decc4ddfdd8dce32fbf24c524eda3202

Methods of Malware Persistence on OS X Mavericks

by Patrick Wardle
at VB
type slides
hash 8e2f80af933041a7348f0fa1a37c03e75b0a09d5b9f5d453e63e031dbdd91ceb

OS X Yosemite Artifacts – Call history and SMS analysis

by nofate
at N/A
type slides
hash fe907f6aa54ba6adcc57b5e5c269ec4606fd8f88eed8d2b1d1cdf3fd0b648ad7

BadXNU – A rotten apple!

by fG!
at CODE BLUE
type slides
hash a0d60866c936e4191f5c5a0a220b41377a6b2723498d5d724a0ba3d54824efe9

In lieu of swap: Analyzing compressed RAM in Mac OS X and Linux

by Andrew Case, Golden G. Richard III
at DFRWS
type paper
hash 1ddd0eee0008fb9756e99dd2a397a4b85daab9c0e6c31fc8bc3ada8fb8ea862a

Improving Mac OS X Security Through Gray Box Fuzzing Technique

by Various Authors
at EuroSec’14
type paper
hash 667e1f63368af9a7dfd591ee32a4aaae9894bd40a25f29beccbf878dd2e3fe1f

Rex vs The Romans

by fG!
at SyScan Singapore
type slides
hash 9568a24929797e1cdd02cae2123ad3ec7f39969e5f0130ae3861f793d6d20baf

Fuck You Hacking Team! - From Portugal, with Love.

by fG!
at Shakacon
type slides
hash 43ab29c8a46f1e553aab8b2d2205fb45b8656fa95f25bb111d1b3e0cf7cdbc19

Fuck You Hacking Team! - From Portugal, with Love.

by fG!
at SyScan360 Beijing
type slides
hash 74d2cab89c3aff7ecaf85f006c6f86e8c6c89e56359168634d07083728e9fb18

You can't see me - A Mac OS X Rootkit uses tricks you haven't known yet

by Ming-chieh Pan & Sung-ting Tsai
at BlackHat Asia
type slides
hash 03195c3129c7951720b948df76ec29c0d30a3986670fe7dcf7b8aea4ebb91381

You can't see me - A Mac OS X Rootkit uses tricks you haven't known yet

by Ming-chieh Pan & Sung-ting Tsai
at BlackHat Asia
type paper
hash 42a61e23d4a048a4b4c222b92968d630925adb0e7cad67e07edb2438d8281323

Mac OS X Forensics - En Profundidad

by Joaquin Moreno
at RootedCon
type slides
hash 742fcf855b26804ebced206764cbd7847dc6448ed3500029d4154c0ea11e9e5f

Hunting Mac Malware with Memory Forensics

by Andrew Case
at RSA
type slides
hash 090805e025852cc6830c5e5ce5a0370f4959b21fa7eb138a38f7066d9cac2391

top

2015

Fuzzing OS X at Scale

by Ben Nagy
at Infiltrate
type slides
hash 1cbb59ba56dedde2f7e0ed37593dbda6c3baccc654f5bf78957d749a5263b13a

Mac OS X Forensics

by Joaquin Moreno Garijo
at N/A
type paper
hash f529b7e3fe791efbf214a68189ae8d9a4f90871b89cc1f28a4170af29d15a308

Unauthorized Cross-App Resource Access on MAC OS X and iOS

by Various Authors
at N/A
type paper
hash ece3215f1041638c7e80717f3528c48fffb5d9d0f9b925cd46938a293c3d9f4f

WRITING BAD @$$ MALWARE FOR OS X

by Patrick Wardle
at Infiltrate
type slides
hash aef5e30aade6477bb3351a6fb7f06242f3440eeec9c487b00753ce73b718bb60

WRITING BAD @$$ MALWARE FOR OS X

by Patrick Wardle
at BlackHat
type slides
hash 6c4eca77d3fbb6379919947136c28a5a0c6aa60ec6ea35be9c7f9f61be3dcc9d

DYLIB HIJACKING ON OS X

by Patrick Wardle
at VB
type paper
hash 744c31a3dff52f2dd39eedac05356ba50532a119ade81ac0b670bffc448f7e3a

Exposing Gatekeeper

by Patrick Wardle
at VB
type slides
hash 1548d093d53cb83b68042952abd23238bd1c728071c159becef224d1a4ba1df3

Thunderstrike 2: Sith Strike (draft version)

by Trammmell Hudson, Corey Kallenberg & Xeno Kovah
at BlackHat
type slides
hash e13704d453748f03908fb2744af936760b182c9528564d7da0424fe6ce998018

Thunderstrike 2: Sith Strike

by Trammmell Hudson, Corey Kallenberg & Xeno Kovah
at BlackHat
type slides
hash f6564f3811fd1fef7f7a0928710defe26bfab14501791fd7b899b7997de62ccb

Thunderstrike 2: Sith Strike – A MacBook firmware worm

by Trammmell Hudson, Corey Kallenberg & Xeno Kovah
at HITB GSEC
type slides
hash 820a8a182b14f478d0c63667303cad70ccbe66438bdcf2e2f3d5de5fc1fe5354

Is there an EFI monster inside your apple?

by fG!
at 44CON
type slides
hash fafab87747d3804576bd730a5064f8f2a886286cc1fe55e2ab45b5d6a50cf734

Is there an EFI monster inside your apple?

by fG!
at SyScan360 Beijing
type slides
hash b001cbed3b698401bb727a7519daaafb308b03630a1196f9fd4a8abb6b7a345f

Is there an EFI monster inside your apple?

by fG!
at CODE BLUE"
type slides
hash e7da969838c9febe2fa824234b945c6fd8adc244f41703273e0efdb6a25e492d

OS X Kernel is As Strong as its Weakest Part

by Liang Chen and ShuaiTian Zhao
at POC
type slides
hash e85e6888cdd01d746688fb018bd791d92e2527043c7dcb46c8801e2bdcbe4a3a

BadXNU – A rotten apple!

by fG!
at SyScan
type slides
hash 785bd71c56a1eee59dc2a5d841795ef82612ba04a5f7d1b31a3b2fa4cb78f950

Is there an EFI monster inside your apple?

by fG!
at No cON Name
type slides
hash 7747ce3806b4395d256277d123aaa3cb2b7a2fa9b2ecfb49a4c2d8011b52df02

BadXNU – A rotten apple!

by fG!
at No cON Name
type slides
hash ab5b6862c43078a9cb86e1b5f8786f9df3653ebabf3a1930e1a4172805f7ea41

IPv6 Hardening Guide for OS X

by ERNW
at N/A
type paper
hash bfd0cf9a0f78080cb7e316ed47fa632e59178bf5f2d56411a1a092332a741eac

DTrace + OS X = Fun

by Andrezj Dyjak
at Confidence
type slides
hash 21d026accb27745f3ba29b2746fcd7964dc5c7e2c816f8967ff87db9d7236b7b

Advancing Mac OS X rootkit detection

by Andrew Case, Golden G. Richard III
at DFRWS
type paper
hash 8087e827c229ed50a7d8d5e52fdcfba34044ee43e410f3b7ac2081f833aa4516

Code Signing – Hashed Out

by Jonathan Levin
at RSA
type slides
hash 9a7e284d760073db1c003f63153ebd666cb4fa195b2b1edb6e8fb0fd6b4b8541

Escalating privileges on OS X and iOS – IOKit edition

by Ian Beer
at SyScan
type slides
hash 1f349be7520229f22f7ba742c4ee7d1364f22069ae75e896d05ee3d893dae93a

Auditing and Exploiting Apple IPC

by Ian Beer
at JailBreak Security Summit
type slides
hash 026083424cae87b937761e6376301b913031f7e61b8cef71baf608d98f66bd41

BadXNU, a rotten apple!

by fG!
at BSides Lisbon
type slides
hash fcf223d11009fdcc0bdc9aae3bdef47095cfe3ffecc434ce5766fd0112d67d3a

Is there an EFI Monster inside your apple?

by fG!
at Secuinside
type slides
hash 544396ec92b28b71afabf62acc7f980517493ab0e99ca7d3c8932be047027b4e

Attacking the XNU Kernel in El Capitan

by Luca Todesco
at BlackHat EU
type slides
hash 584e966fad83cbef379da62775116910fbe0c94ae93c4a5dc4daaa6a16dd2d82

top

2016

Memory Corruption is for Wussies!

by fG!
at SyScan360 Singapore
type slides
hash fd674de59896121d15100c5cb74aa09c827caaa3f439f29d011f44f7ef3cd785

Don’t Trust Your Eye: Apple Graphics is Compromised!

by Liagn Chen, Marco Grassi, Qidan He
at CanSecWest
type slides
hash 074909f59a442817057efe82bd088d2e70eb3a7b9931695af8634610977a6302

OS X El Capitan sinking the Ship

by Stefan Esser
at SyScan360 Singapore
type slides
hash 35d97c449073cfeac6fd2789b752eb5716f1b5d39143c655c4125d546c08f6fb

50 Shades of Fuzzing

by Peter Hlavaty & Marco Grassi
at Shakacon
type slides
hash c0794b96400d2ed883dabf635005529df1a245a493b9f06a46b05848c1c0e4c3

Let’s Play Doctor – Practical OS X Malware Detection & Analysis

by Patrick Wardle
at Shakacon
type slides
hash 97c21e3507f630e1eb708026c69e7be6e1d470a24fcb429df5a68ec33ffa3d9e

In the Zone: OS X Heap Exploitation

by Tyler Bohan
at SummerCon
type slides
hash 2819e516b8b575ccec5edcc4ccc06a696e4a1fcefd2b683ad0fbf85cde48104b

Detecting malicious behaviour using system calls

by Vincent Van Mieghem
at N/A
type thesis
hash bc30802c78e91542d84f13973948e3ca233577631ff3c3e47f3b2d04be5ae6ab

SUBVERTING APPLE GRAPHICS: PRACTICAL APPROACHES TO REMOTELY GAINING ROOT

by Liang Chen, Qidan He, Marco Grassi, Yubin Fu
at BlackHat
type slides
hash 9237a065b9b75ebb10390cdb47f368f7cedbf1cbba22acf457c5c1bde3dadc85

SUBVERTING APPLE GRAPHICS: PRACTICAL APPROACHES TO REMOTELY GAINING ROOT (BH site version)

by Liang Chen, Qidan He, Marco Grassi, Yubin Fu
at BlackHat
type slides
hash 816768020ac080dd1de5fe5ae9ca8fe46985e9ff911a4fbffc3f05f915ebffc4

SUBVERTING APPLE GRAPHICS: PRACTICAL APPROACHES TO REMOTELY GAINING ROOT

by Liang Chen, Qidan He, Marco Grassi, Yubin Fu
at BlackHat
type paper
hash b90c397f889f95ee66e2907ddd178e253090aafc4619e1942b10ecefd2c18f2f

The Python Bites Your Apple - Fuzzing and Exploiting OS X Kernel Bugs

by Flanker
at XKungfoo
type slides
hash 2a80304a594498afdbe86cf83468f7d5a0be1b72720c71fc4659cdfd8e15c071

OS X Vulnerability Research and Why We Wrote our Own Debugger

by Tyler Bohan, Brandon Edwards
at Shmoocon
type slides
hash fbd7cb9921991fdacddbab3ec9e68585c84dcbc3d2a5cea0c60a659c185d921c

Shooting the OS X El Capitan Kernel Like a Sniper

by Liang Chen, Qidan He
at ReCon
type slides
hash ee37a51aee19514adbd7c60dc7e836f5c834be3c0c605c07de094029bd00b27a

I got 99 problems, but Little Snitch ain't one!

by Patrick Wardle
at Def Con
type slides
hash 3772c853f8dad2a867b9d52eaf29b9011ae0cdf3ed03a2cf820612c7005de8eb

Escaping the sandbox by not breaking it

by Marco Grassi, Qidan He
at Def Con
type slides
hash cbef9aac1349afd0b16d77c425f582642d6088f9fe183001f856ca39cd120f27

Mach-O Libre - Pile driving Apple Malware with Static Analysis, Big Data, & Automation

by Aaron Stephens, Will Peteroy
at FIRST
type slides
hash 5a1d7978f9e8a658df61a13cb4afc78c5b87c2653a1482cfd1b736ac6777a37e

Swift Reversing

by Ryan Stortz
at Infiltrate
type slides
hash 903836f2b7a2218bf8533d719542a4bb2019370508692b28883cb60e7b8aa05a

Reverse Engineering Swift Apps

by Michael Gianarakis
at HITB GSEC
type slides
hash 062bfbde287b2e32e9f9fec08e85329f6368ab4f521255526533e26f6bd251c1

Hack in the (sand)Box - The Apple Sandbox - five years later

by Jonathan Levin
at HITB GSEC
type slides
hash 2c23141f590208898e42c40ac002f04a28d5cdd6a90977bacfa924dc8a4eb06f

top