August 5, 2023
Jin Zhao
OffSec macOS Researchers (OSMRs) have the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems.
OSMRs can:
* Understand macOS internals
* Bypass Transparency, Consent, and Control (TCC) protections
* Escape the Sandbox
* Perform symlink attacks and exploit XPC services for privilege escalation
They are able to conduct penetration tests or red teaming exercises on macOS platforms.
Skills / Knowledge
- Debugging
- Tracing Hopper
- Shellcoding in macOS
- Dylib Injection
- Mach and Mach Injection
- Hooking
- XPC Exploitation
- Sandbox Escape
- Attacking Privacy (TCC)
- Symlink Attacks
- Kernel Code Execution
- macOS Pentesting
- Loose Comparisons
- Bypassing Character Restrictions
- PostgreSQL Large Objects
- Debugging .NET Assemblies
- Windows Buffer Overflow
- Linux Buffer Overflow
- Locating Public Exploits
- Fixing Public Exploits
- File Transfers
- Antivirus Evasion
- Port Redirection
- Tunneling
- Active Directory Attacks
- PowerShell Empire
- Privilege Escalation
- Metasploit
- Port Scanning
- Information Gathering
Issued on
August 5, 2023
Expires on
Does not expire