March 29, 2023Yousuf Al-hajri
Yousuf Al-hajri
OffSec macOS Researchers (OSMRs) have the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems.
OSMRs can:
* Understand macOS internals
* Bypass Transparency, Content and Control (TCC) protections
* Escape the Sandbox
* Perform symlink attacks and exploit XPC services for privilege escalation
They are able to conduct penetration tests or red teaming exercises on macOS platforms.
Skills / Knowledge
- Debugging
- Tracing Hopper
- Shellcoding in macOS
- Dylib Injection
- Mach and Mach Injection
- Hooking
- XPC Exploitation
- Sandbox Escape
- Attacking Privacy (TCC)
- Symlink Attacks
- Kernel Code Execution
- macOS Pentesting
- Loose Comparisons
- Bypassing Character Restrictions
- PostgreSQL Large Objects
- Debugging .NET Assemblies
- Windows Buffer Overflow
- Linux Buffer Overflow
- Locating Public Exploits
- Fixing Public Exploits
- File Transfers
- Antivirus Evasion
- Port Redirection
- Tunneling
- Active Directory Attacks
- PowerShell Empire
- Privilege Escalation
- Metasploit
- Port Scanning
- Information Gathering
Issued on
March 29, 2023
Expires on
Does not expire