Posts
-
January 19, 2021
About com.apple.private.security.clear-library-validation
-
January 17, 2021
Divide and Conquer - A technique to bypass NextGen AV
-
December 13, 2020
Reversing engineering the fix of CVE-2020-9771
-
November 17, 2020
Microsoft Teams for macOS Local Privilege Escalation
-
October 26, 2020
Getting started in macOS security
-
October 22, 2020
Let's talk macOS Authorization
-
July 3, 2020
CVE-2020-9771 - mount_apfs TCC bypass and privilege escalation
-
June 16, 2020
Secure coding XPC Services - Part 5 - PID reuse attacks (CVE-2020-14977)
-
June 12, 2020
Secure coding XPC Services - Part 4 - Improved client authorization (CVE-2020-14978)
-
June 9, 2020
The AMFI MACF policy system call
-
May 29, 2020
Secure coding XPC Services - Part 3 - Incorrect client verification (CVE-2020-0984)
-
May 12, 2020
Kernel Debugging macOS with SIP
-
March 22, 2020
Secure coding XPC Services - Part 2 - Checking CS (CodeSigning) flags of the client
-
March 18, 2020
Exploiting directory permissions on macOS
-
January 12, 2020
Secure coding XPC services - Part 1 - Why EvenBetterAuthorization is not enough? (CVE-2019-20057)
-
November 4, 2019
macOS persistence - Spotlight importers and how to create them
-
October 25, 2019
GateKeeper - Bypass or not bypass?
-
October 12, 2019
IOBit Unlocker 1.1.2 - Local Privilege Escalation (CVE-2020-14974 & CVE-2020-14975)
-
October 5, 2019
Few click RCE via GitHub Desktop macOS client with Gatekeeper bypass and custom URL handlers
-
August 9, 2019
UninstallString - a possible LPE via Social Engineering