Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

osx-security-awesome

A collection of OSX and iOS security resources
https://github.com/kai5263499/osx-security-awesome

Last synced: about 11 hours ago
JSON representation

Hardening
- [Sandblaster](https://github.com/malus-security/sandblaster)
  - Paper
  - Paper
Digital Forensics / Incident Response (DFIR)
- APOLLO tool
  - Presentation slides
  - Source code
- [AutoMacTC](https://github.com/CrowdStrike/automactc)
  - Modular forensic triage collection framework
- [OSX incident response](https://www.youtube.com/watch?v=gNJ10Kt4I9E)
  - Slides
- [venator](https://posts.specterops.io/introducing-venator-a-macos-tool-for-proactive-detection-34055a017e56)
  - Source
- [mac-apt](https://github.com/ydkhatri/mac_apt)
  - DFIR scripts
Presentations and Papers
- [Windshift APT](https://www.youtube.com/watch?v=Mza6qv4mY9I&feature=youtu.be&t=6h12m24s)
  - Deep-dive write-up by Objective See
- [Writing Bad @$$ Malware for OSX](https://www.youtube.com/watch?v=fv4l9yAL2sU)
  - Slides
- [Security on OSX and iOS](https://www.youtube.com/watch?v=fdxxPRbXPsI)
  - Slides
- [Thunderstrike](https://trmm.net/Thunderstrike_31c3)
  - Video
- [Attacking OSX for fun and profit tool set limiations frustration and table flipping Dan Tentler](https://www.youtube.com/watch?v=9T_2KYox9Us)
  - Follow-up from target
- [Storing our Digital Lives - Mac Filesystems from MFS to APFS](https://www.youtube.com/watch?v=uMfmgcnrn24)
  - slides
  - slides
- [SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles](http://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/PubsPDF/sandscout-final-ccs-2016.pdf)
  - Presentation
Virus and exploit writeups
- [Proof of Concept for Remote Code Execution in WebContent](https://github.com/externalist/exploit_playground/blob/master/CVE-2018-4233/pwn_i8.js)
  - MachO tricks - Appears to be slides from a presentation that ends with the CVE listed above
- [I can be Apple, and so can you](https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/)
  - Creating signed and customized backdoored macos apps
- Meltdown
- [Flashback](https://www.cnet.com/news/more-than-600000-macs-infected-with-flashback-botnet/)
  - Detailed analysis
- [iWorm](https://www.thesafemac.com/iworm-method-of-infection-found/)
  - Detailed analysis
- [XAgent Mac Malware Used In APT-28](https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/)
  - Samples
- Exploiting the Wifi Stack on Apple Devices
- [ChaiOS bug](https://www.grahamcluley.com/chaios-bug-crash-ios-macos-messages/)
  - previous - security-blog/crash-text-message-iphone/) rendering Arabic characters
Useful tools and guides
- [Remote Packet Capture for iOS Devices](https://useyourloaf.com/blog/remote-packet-capture-for-ios-devices/)
  - Python utility
Worth following on Twitter
- [EvilOSX](https://github.com/Marten4n6/EvilOSX) - Pure python post-exploitation toolkit

Programming Languages

Python 3 C 1

Categories

Virus and exploit writeups 15 Worth following on Twitter 10 Presentations and Papers 8 Digital Forensics / Incident Response (DFIR) 6 Hardening 2 Useful tools and guides 1

Sub Categories

[EvilOSX](https://github.com/Marten4n6/EvilOSX) - Pure python post-exploitation toolkit 10 Exploiting the Wifi Stack on Apple Devices 5 Meltdown 4 [Sandblaster](https://github.com/malus-security/sandblaster) 2 [Storing our Digital Lives - Mac Filesystems from MFS to APFS](https://www.youtube.com/watch?v=uMfmgcnrn24) 2 APOLLO tool 2 [ChaiOS bug](https://www.grahamcluley.com/chaios-bug-crash-ios-macos-messages/) 1 [Thunderstrike](https://trmm.net/Thunderstrike_31c3) 1 [Remote Packet Capture for iOS Devices](https://useyourloaf.com/blog/remote-packet-capture-for-ios-devices/) 1 [OSX incident response](https://www.youtube.com/watch?v=gNJ10Kt4I9E) 1 [Attacking OSX for fun and profit tool set limiations frustration and table flipping Dan Tentler](https://www.youtube.com/watch?v=9T_2KYox9Us) 1 [iWorm](https://www.thesafemac.com/iworm-method-of-infection-found/) 1 [Security on OSX and iOS](https://www.youtube.com/watch?v=fdxxPRbXPsI) 1 [mac-apt](https://github.com/ydkhatri/mac_apt) 1 [Proof of Concept for Remote Code Execution in WebContent](https://github.com/externalist/exploit_playground/blob/master/CVE-2018-4233/pwn_i8.js) 1 [XAgent Mac Malware Used In APT-28](https://labs.bitdefender.com/2017/02/new-xagent-mac-malware-linked-with-the-apt28/) 1 [venator](https://posts.specterops.io/introducing-venator-a-macos-tool-for-proactive-detection-34055a017e56) 1 [Writing Bad @$$ Malware for OSX](https://www.youtube.com/watch?v=fv4l9yAL2sU) 1 [Windshift APT](https://www.youtube.com/watch?v=Mza6qv4mY9I&feature=youtu.be&t=6h12m24s) 1 [Flashback](https://www.cnet.com/news/more-than-600000-macs-infected-with-flashback-botnet/) 1 [I can be Apple, and so can you](https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/) 1 [AutoMacTC](https://github.com/CrowdStrike/automactc) 1 [SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles](http://www.icri-sc.org/fileadmin/user_upload/Group_TRUST/PubsPDF/sandscout-final-ccs-2016.pdf) 1

Keywords

macos 2 osx 1 mac 1 forensics 1 python 1 detection 1 deprecated 1