Cybersecurity
-
Unlocking macOS Internals: A Beginner’s Guide to Apple’s Open Source Code
An introduction to macOS internals and Apple’s open-source ecosystem, explaining how researchers can study shared macOS/iOS components like the XNU kernel for security and reverse engineering. It also highlights the challenges of Apple’s delayed, incomplete, and difficult-to-build OSS releases.
-
CFI with Clang, macOS, and Clang on macOS
CFI strengthens system security by preventing me from hijacking a program’s control flow. Covers Clang, macOS, and Clang on macOS!
-
The Anatomy of a Mach-O: Structure, Code Signing, and PAC
The Mach Object (Mach-O) is the binary format used on Apple’s operating systems for executables, libraries, and object code.
-
Control Flow Integrity (CFI): User vs Kernel Land
A comparison of Control Flow Integrity (CFI) in user mode vs. kernel mode, exploring how OS mitigations differ across privilege levels.
-
macOS Internals for Detection Engineers
This post is inspired by a conversation I had with a detection engineer about macOS versioning—how it affects my life, and the challenges of keeping various versions of macOS secure.
-
Miles for Mac Security: Supporting FOSS and Aspiring Hackers
Miles for Mac Security: Fundraiser to support free and open source software (FOSS) and aspiring hackers.
-
ASLR, bypass techniques, and circumvention impacts
Address space layout randomization (ASLR) randomizes memory addresses used by system and application processes.
-
How to use ROP to bypass security mechanisms
Learn how to bypass and circumvent W^X, ASLR, and stack canaries using return-oriented programming (ROP) by controlling execution flow!
-
How OS affects binary exploitation
This blog explores how foundational OS topics like System V, POSIX, UNIX, and BSD influence binary exploitation on macOS and Linux.