MacOS

https://www.linkedin.com/posts/patrick-wardle-34580581_as-always-ive-been-spelunking-around-macos-activity-7021564232227819520-4cGr?utm_source=share&utm_medium=member_desktop As always, I’ve been spelunking around macOS. Stoked to have just released a new open-source tool: “DumpBTM”

Being able to programmatically parse macOS’s proprietary BackgroundItems-v4.btm file (which contains records of all persistently installed items) is massively useful for detecting persistent Mac malware!

To read more, including full source (for your own macOS security tools), see: https://lnkd.in/gYH3KpqP

Vulnerability Research Digest - Issue 1 (macOS/iOS in 2022) – Blog – Random Security Research

sickcodes/Docker-OSX: Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

parsdefense/ios-kernel-heap-profiler: iOS kernel heap memory profiler for sprayers

[In-Memory Execution in macOS: the Old and the New

Meta Red Team X](https://rtx.meta.security/post-exploitation/2022/12/19/In-Memory-Execution-in-macOS.html)