-
-
Save mikalv/0c536b783797fcd8eb9eb5546dcb1a50 to your computer and use it in GitHub Desktop.
macOS Internals, Reversing, and Analysis reference I've found essential.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## In no particular order. I'm pulling these from a bookmark folder, I'll work on labeling as I have time. Hope these help. Will be mixing in Linux reference as well. | |
| Sidenote: the macOS Internals series is amazing, although might be out of reach for some. However if having a hard time deciding (I definitely way) and in budget, In my opinion, they are worth the price. I've worked through Volume II, waiting on Volume III. | |
| As always, most of what we need in our world can be found open sourced and provided by some of the brightest, but it can be a frustrating journey finding material. | |
| https://www.intezer.com/blog/malware-analysis/elf-malware-analysis-101-linux-threats-no-longer-an-afterthought/ | |
| http://timetobleed.com/dynamic-linking-elf-vs-mach-o/ | |
| https://github.com/apple/darwin-xnu | |
| https://opensource.apple.com/source/xnu/ | |
| https://developer.apple.com/library/archive/documentation/Darwin/Conceptual/KernelProgramming/Architecture/Architecture.html | |
| https://blog.paloaltonetworks.com/tag/mac-os-x/ | |
| https://github.com/bx/machO-tools | |
| https://reverse.put.as/2019/11/19/how-to-make-lldb-a-real-debugger/ | |
| https://www.sentinelone.com/blog/how-to-reverse-macos-malware-part-one/ | |
| https://www.sentinelone.com/blog/malware-hunting-macos-practical-guide/ | |
| https://objective-see.com/ | |
| https://taomm.org/vol1/analysis.html | |
| https://objective-see.com/blog/blog_0x64.html | |
| https://www.soupbowl.io/2020/04/macos-in-virtualbox/#setup-vbox | |
| https://www.starlab.io/blog/the-linux-security-hardening-checklist-for-embedded-systems | |
| https://attack.mitre.org/versions/v9/matrices/enterprise/macos/ | |
| https://theevilbit.github.io/posts/getting_started_in_macos_security/ | |
| https://opensource.apple.com/ | |
| https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/OSX_Technology_Overview/SystemTechnology/SystemTechnology.html | |
| https://bugs.chromium.org/p/project-zero/issues/list?q=vendor%3DApple&can=1 | |
| https://support.apple.com/guide/security/welcome/1/web | |
| https://reverse.put.as/ | |
| https://papers.put.as/macosx/macosx/ | |
| https://github.com/theevilbit/Shield | |
| https://developer.apple.com/account/#/overview/2NRB6WX7UD | |
| https://cryptpad.fr/drive/# | |
| https://support.apple.com/en-us/HT212325 | |
| https://developer.apple.com/documentation/security | |
| https://theevilbit.github.io/posts/ | |
| https://developer.apple.com/library/archive/navigation/ | |
| https://themittenmac.com/ | |
| https://wojciechregula.blog/post/press-5-keys-and-become-root-aka-cve-2021-30655/ | |
| https://infocon.org/cons/Black%20Hat/Black%20Hat%20USA/Black%20Hat%20USA%202019/Zombie%20Ant%20Farming%20Practical%20Tips%20for%20Playing%20Hide%20and%20Seek%20with%20Linux%20EDRs.mp4 | |
| https://bradleyjkemp.dev/post/launchdaemon-hijacking/ | |
| https://secret.club/ | |
| https://www.felixcloutier.com/x86/ | |
| https://developer.apple.com/documentation/kernel/mach/vm | |
| https://github.com/aidansteele/osx-abi-macho-file-format-reference | |
| https://malwareunicorn.org/workshops/re102.html#7 | |
| https://github.com/michalmalik/linux-re-101 | |
| https://www.trendmicro.com/en_us/research/21/f/CVE-2021-30724_CVMServer_Vulnerability_in_macOS_and_iOS.html?utm_source=trendmicroresearch&utm_medium=smk&utm_campaign=0621_vulnmac30724 | |
| https://vx-underground.org/papers.html | |
| https://github.com/airbnb/binaryalert/tree/master/rules/public/malware/macos |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment