
Writing Badass Malware for OS X

Black Hat via YouTube

Overview

Explore advanced techniques for creating sophisticated OS X malware and learn how to better secure your Mac in this 52-minute Black Hat conference talk. Delve into novel persistence methods, abuse of native OS X components to hinder analysis, and ways to bypass OS X's built-in malware mitigations and third-party security tools. Discover how to remotely bypass Gatekeeper, circumvent Apple's 'rootpipe' patch, and generically bypass popular antivirus and personal firewall products. Gain insights into infection methods, software distribution, binary infection, and self-defense mechanisms employed by malware. Learn about runtime injection, load-time injection, and techniques to exploit vulnerabilities in OS X security features. Conclude with an introduction to free security tools that can detect and prevent advanced OS X threats, empowering you to enhance your Mac's protection against current and future malware.

Syllabus

Introduction
Overview
Why Care
Mac Malware
XSLCmd
iWorm
Why
Hacking Teams
Conclusions
Our Goal
Infection
Software Distribution
Persistence
Binary Infection
How Secure Is It
Removing The Signature Block
Dylib Hijacking
Persistence Example
Self Defense
Encryption
Custom Loader
In-Memory File Loader
Hiding Die Libraries
Making Malware Harder To Delete
Self-Monitoring
Architecture
Shell Code
Inject
Runtime Injection
Load Time Injection
Gatekeeper
How Gatekeeper Works
How Gatekeeper Doesn't Work
How Gatekeeper Works Again
Popups
XProtect
Hash
Sandbox
Kernel Code Signing
Loading Unsigned Extensions
Rootpipe
Root
Static signatures
Little Snitch
GPG Keychain
iCloud Bypass
Proof of Concept
Testing
Security
KnockKnock
VirusTotal Integration
BlockBlock
Task Explorer
El Capitan
Demo
Conclusion
QA

Taught by

Black Hat
