osx-security-awesome


A collection of OSX/iOS security-related resources


News


Linking a microphone

iOS vulnerability write-up

iOS display bugs

Mac Virus

Intego Mac Security Blog

Objective-See

The Safe Mac

Mac Security

OSX Daily

Hardening

macops

SUpraudit

EFIgy

Launchd

OSX startup sequence

Google OSX hardening

Run any command in a sandbox

Sandblaster

OSX El Capitan Hardening Guide

Hardening hardware and choosing a good BIOS

Malware sample sources

Objective-See

Alien Vault

Contagio malware dump

Digital Forensics / Incident Response (DFIR)

APOLLO tool

venator

lynis

AutoMacTC

Legacy Exec History

Using the macOS/iOS knowledgeC.db Database to Determine Precise User and Application Usage

Artefacts for Mac OSX

Pac4Mac

Inception

Volafox

Mac4n6

Keychain analysis with Mac OSX Forensics

OSX Collector

OSX incident response

iOS Instrumentation without jailbreaking

Certo

Blackbag Tech free tools

OSX (Mac) Memory Acquisition and Analysis Using OSXpmem and Volatility

mac-apt

Reverse engineering

New OS X Book

Collection of OSX reverse engineering resources

The iPhone Wiki

Reverse engineering OSX

OSX crackmes

Introduction to Reverse Engineering Cocoa Applications

iOS Kernel source

Reverse Engineering Challenges

Awesome Reversing

Presentations and Papers

Area41 2018: Daniel Roethlisberger: Monitoring MacOS For Malware And Intrusions

Windshift APT

Automated Binary Analysis on iOS – A Case Study on Cryptographic Misuse in iOS Applications

Writing Bad @$$ Malware for OSX

Methods of Malware Persistence on OSX

Advanced Mac OSX Rootkits

The Python Bytes Your Apple

Breaking iOS Code Signing

The Apple Sandbox - 5 years later

Practical iOS App Hacking

Behavioral Detection and Prevention of Malware on OS X

Security on OSX and iOS

Thunderstrike

Direct Memory Attack the Kernel

Don't trust your eye, Apple graphics is compromised

Fuzzing and Exploiting OSX Vulnerabilities for Fun and Profit: Complementary Active & Passive Fuzzing

Strolling into Ring-0 via I/O Kit Drivers

Juice Jacking

Attacking OSX for fun and profit: tool set limitations, frustration and table flipping (Dan Tentler)

Building an EmPyre with Python

PoisonTap

Storing our Digital Lives - Mac Filesystems from MFS to APFS

Collection of mac4en6 papers/presentations

The Underground Economy of Apple ID

iOS of Sauron: How iOS Tracks Everything You Do

macOS/iOS Kernel Debugging and Heap Feng Shui

Billy Ellis iOS/OSX hacking YouTube channel

A Technical Autopsy of the Apple - FBI Debate using iPhone forensics | SANS DFIR Webcast

Jailbreaking Apple Watch at DEFCON-25

SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles

Virus and exploit writeups

Detailed Analysis of macOS/iOS Vulnerability CVE-2019-6231

kernelcache laundering

blanket

Proof of Concept for Remote Code Execution in WebContent

There's Life in the Old Dog Yet: Tearing New Holes into Intel/iPhone Cellular Modems

I can be Apple, and so can you

Leveraging emond on macOS for persistence

APFS credential leak vulnerability

A fun XNU infoleak

Meltdown

Flashback

Flashback pt 2

iWorm

Thunderbolt

Malware in firmware: how to exploit a false sense of security

Proton RAT

Mokes

MacKeeper

OpinionSpy

Elanor

Mac Defender

Wire Lurker

KeRanger

Proof-of-concept USB attack

Dark Jedi

EFI attack that exploits a vulnerability in suspend-resume cycle (Sentinel One write-up)

XAgent Mac Malware Used In APT-28

Juice Jacking

Local Privilege Escalation for macOS 10.12.2 and XNU port Feng Shui

Ian Beer, Google Project Zero: "A deep-dive into the many flavors of IPC available on OS X."

PEGASUS iOS Kernel Vulnerability Explained

Analysis of iOS.GuiInject Adware Library

Broadpwn

Reverse Engineering and Abusing Apple Call Relay Protocol

Exploiting the Wifi Stack on Apple Devices

Google's Project Zero series of articles that detail vulnerabilities in the wireless stack used by Apple Devices

ChaiOS bug

Useful tools and guides

Mac@IBM

mOSL

Darling

Kemon

jelbrektime

Booting Secure

Tutorial - emulate an iOS kernel in QEMU up to launchd and userspace

xnumon

DetectX

Are you really signed?

osx security growler

mac-a-mal

jrswizzle

MacDBG

bitcode_retriever

machotools

onyx-the-black-cat (outdated original)

create-dmg

dmg2iso

Infosec Homebrew

Awesome OSX Command Line

Keychain dump

KnockKnock

Lingon-X

Hopper

Symhash

KisMac2

Passive fuzz framework

Platypus

createOSXinstallPkg

PoisonTap

Chipsec

Revisiting Mac OS X Kernel Rootkits by Phrack Magazine

iPhone Data Protection in Depth

Cycript

ChaoticMarch

iOS backup decrypt script

Remote Packet Capture for iOS Devices

Pareto Security

Mana Security

cnspec

Intro To IOS Malware Detection

Ipsw Walkthrough

Remote Access Toolkits

Empyre

Bella

Stitch

Pupy

EggShell surveillance tool - Works on OSX and jailbroken iOS

EvilOSX - Pure python post-exploitation toolkit

Worth following on Twitter

Other OSX Awesome lists