| EXP-3012/OSMR_EXP312.pdf |
18.2 MB |
| EXP-3012/Videos/0.EXP312-COPY_00_00-Copyright.mp4 |
909 KB |
| EXP-3012/Videos/1.EXP312-Tools_00_00-macOS Binary Analysis Tools.mp4 |
6.4 MB |
| EXP-3012/Videos/10.EXP312-Tools_03_00-Dynamic Analysis.mp4 |
880 KB |
| EXP-3012/Videos/100.EXP312-TCC_03_00-Bypass TCC via Spotlight Importer Plugins.mp4 |
537 KB |
| EXP-3012/Videos/101.EXP312-TCC_03_01-The Spotlight Service.mp4 |
6.4 MB |
| EXP-3012/Videos/102.EXP312-TCC_03_02-Vulnerability Analysis.mp4 |
934 KB |
| EXP-3012/Videos/103.EXP312-TCC_03_03-Exploitation.mp4 |
12.9 MB |
| EXP-3012/Videos/104.EXP312-TCC_05_00-Gain Full Disk Access via Terminal.mp4 |
7.1 MB |
| EXP-3012/Videos/105.EXP312-Symlink_03_00-CVE-2020-3855 - macOS DiagnosticMessages File Overwrite Vulnerability.mp4 |
23.4 MB |
| EXP-3012/Videos/106.EXP312-Symlink_04_00-CVE-2020-3762 - Adobe Reader macOS Installer Local Privilege Escalation.mp4 |
14.6 MB |
| EXP-3012/Videos/107.EXP312-Symlink_05_00-CVE-2019-8802 - macOS Manpages Local Privilege Escalation.mp4 |
15.4 MB |
| EXP-3012/Videos/108.EXP312-Kernel_02_00-Sample KEXT.mp4 |
9.3 MB |
| EXP-3012/Videos/109.EXP312-Kernel_03_00-The KEXT Loading Process.mp4 |
4.4 MB |
| EXP-3012/Videos/11.EXP312-Tools_04_00-The LLDB Debugger.mp4 |
1.3 MB |
| EXP-3012/Videos/110.EXP312-Kernel_03_01-Initiating KEXT Load Requests.mp4 |
4.9 MB |
| EXP-3012/Videos/111.EXP312-Kernel_03_02-Entering kextd.mp4 |
8.3 MB |
| EXP-3012/Videos/112.EXP312-Kernel_03_03-KEXT Staging.mp4 |
15.3 MB |
| EXP-3012/Videos/113.EXP312-Kernel_03_04-KEXT Authentication and syspolicyd.mp4 |
11.3 MB |
| EXP-3012/Videos/114.EXP312-Kernel_03_05-Loading the KEXT Entering XNU.mp4 |
5.7 MB |
| EXP-3012/Videos/115.EXP312-Kernel_04_00-CVE-2020-9939 - Unsigned KEXT Load Vulnerability.mp4 |
632 KB |
| EXP-3012/Videos/116.EXP312-Kernel_04_01-The Vulnerability and the Exploit Plan.mp4 |
3.9 MB |
| EXP-3012/Videos/117.EXP312-Kernel_04_02-Staging a KEXT with Symlink.mp4 |
5.2 MB |
| EXP-3012/Videos/118.EXP312-Kernel_04_03-The Insecure Location Problem.mp4 |
6 MB |
| EXP-3012/Videos/119.EXP312-Kernel_04_04-The Race to the Kernel.mp4 |
23.1 MB |
| EXP-3012/Videos/12.EXP312-Tools_04_01-Setting Breakpoints.mp4 |
8 MB |
| EXP-3012/Videos/120.EXP312-Kernel_04_05-Disabling SIP.mp4 |
2.9 MB |
| EXP-3012/Videos/121.EXP312-Kernel_05_00-CVE-2021-1779 - Unsigned KEXT Load Vulnerability.mp4 |
624 KB |
| EXP-3012/Videos/122.EXP312-Kernel_05_01-The Patch.mp4 |
4.4 MB |
| EXP-3012/Videos/123.EXP312-Kernel_05_02-Bypassing Code Signing.mp4 |
7.6 MB |
| EXP-3012/Videos/124.EXP312-Kernel_05_03-Forget the Race Meet Interactive Mode.mp4 |
10.5 MB |
| EXP-3012/Videos/125.EXP312-PITA_00_00-macOS Penetration Testing.mp4 |
1.3 MB |
| EXP-3012/Videos/126.EXP312-PITA_01_00-Small Step For Man.mp4 |
7.8 MB |
| EXP-3012/Videos/127.EXP312-PITA_02_00-The Jail.mp4 |
4.4 MB |
| EXP-3012/Videos/128.EXP312-PITA_02_01-Prison Break.mp4 |
10.6 MB |
| EXP-3012/Videos/129.EXP312-PITA_02_02-Lets Persist.mp4 |
5.5 MB |
| EXP-3012/Videos/13.EXP312-Tools_04_02-Disassembling with LLDB.mp4 |
3.6 MB |
| EXP-3012/Videos/130.EXP312-PITA_03_00-I am (g)root.mp4 |
427 KB |
| EXP-3012/Videos/131.EXP312-PITA_03_01-Searching for Low-Hanging Fruit.mp4 |
4.9 MB |
| EXP-3012/Videos/132.EXP312-PITA_04_00-CVE-2020-26893 - I Like To Move It Move It.mp4 |
14.2 MB |
| EXP-3012/Videos/133.EXP312-PITA_04_01-Periodic Scripts.mp4 |
1.9 MB |
| EXP-3012/Videos/134.EXP312-PITA_04_02-PAM Modules.mp4 |
5.6 MB |
| EXP-3012/Videos/135.EXP312-PITA_04_03-This is the Way.mp4 |
13.4 MB |
| EXP-3012/Videos/136.EXP312-PITA_05_00-Private Documents - We Wants It We Needs It.mp4 |
5.4 MB |
| EXP-3012/Videos/137.EXP312-PITA_05_01-CVE-2020-9934 - HOME Relocation.mp4 |
9.9 MB |
| EXP-3012/Videos/138.EXP312-PITA_06_00-The Core.mp4 |
2.2 MB |
| EXP-3012/Videos/14.EXP312-Tools_04_03-Reading and Writing Memory and Registers.mp4 |
4 MB |
| EXP-3012/Videos/15.EXP312-Tools_04_04-Modifying Code During Debugging.mp4 |
10.6 MB |
| EXP-3012/Videos/16.EXP312-Tools_05_00-Debugging with Hopper.mp4 |
1.7 MB |
| EXP-3012/Videos/17.EXP312-Tools_05_02-Starting the Debugger.mp4 |
3.4 MB |
| EXP-3012/Videos/18.EXP312-Tools_05_03-Basic Controls and Functionality.mp4 |
6.6 MB |
| EXP-3012/Videos/19.EXP312-Tools_05_04-Inspecting External Function Resolution.mp4 |
5.3 MB |
| EXP-3012/Videos/2.EXP312-Tools_01_00-Command Line Static Analysis Tools.mp4 |
624 KB |
| EXP-3012/Videos/20.EXP312-Tools_06_00-Tracing Applications with DTrace.mp4 |
1.3 MB |
| EXP-3012/Videos/21.EXP312-Tools_06_02-DTrace Example - Monitoring System Calls.mp4 |
5.5 MB |
| EXP-3012/Videos/22.EXP312-Tools_06_03-DTrace Example - Monitoring Write Calls.mp4 |
3.4 MB |
| EXP-3012/Videos/23.EXP312-Tools_06_04-DTrace Example - Creating Aggregation Info.mp4 |
2.2 MB |
| EXP-3012/Videos/24.EXP312-Tools_06_05-DTrace Probes.mp4 |
1.1 MB |
| EXP-3012/Videos/25.EXP312-Tools_06_06-System DTrace Scripts.mp4 |
5.7 MB |
| EXP-3012/Videos/26.EXP312-Tools_07_00-Wrapping Up.mp4 |
896 KB |
| EXP-3012/Videos/27.EXP312-Shellcode_01_03-Making Syscalls from Shellcode.mp4 |
6.8 MB |
| EXP-3012/Videos/28.EXP312-Shellcode_02_00-Custom Shell Command Execution in Assembly.mp4 |
4.2 MB |
| EXP-3012/Videos/29.EXP312-Shellcode_02_01-Planned Memory Layout.mp4 |
1.8 MB |
| EXP-3012/Videos/3.EXP312-Tools_01_01-codesign.mp4 |
4.8 MB |
| EXP-3012/Videos/30.EXP312-Shellcode_02_02-Putting Arguments on the Stack.mp4 |
11.4 MB |
| EXP-3012/Videos/31.EXP312-Shellcode_02_03-Setting up the Syscall.mp4 |
3.3 MB |
| EXP-3012/Videos/32.EXP312-Shellcode_02_04-Putting it Together.mp4 |
1.3 MB |
| EXP-3012/Videos/33.EXP312-Shellcode_02_05-Analyzing the Shellcode with dtrace.mp4 |
3.5 MB |
| EXP-3012/Videos/34.EXP312-Shellcode_02_06-Analyzing the Shellcode in a Debugger.mp4 |
5.4 MB |
| EXP-3012/Videos/35.EXP312-Shellcode_03_00-Making a Bind Shell in Assembly.mp4 |
2.2 MB |
| EXP-3012/Videos/36.EXP312-Shellcode_03_01-Creating a Socket.mp4 |
6 MB |
| EXP-3012/Videos/37.EXP312-Shellcode_03_02-In the Darkness Bind Them.mp4 |
10.3 MB |
| EXP-3012/Videos/38.EXP312-Shellcode_03_03-Listening on the Socket.mp4 |
3.6 MB |
| EXP-3012/Videos/39.EXP312-Shellcode_03_04-Accepting Incoming Connections.mp4 |
4.3 MB |
| EXP-3012/Videos/4.EXP312-Tools_01_02-objdump.mp4 |
8.7 MB |
| EXP-3012/Videos/40.EXP312-Shellcode_03_05-Duplicating File Descriptors.mp4 |
6.6 MB |
| EXP-3012/Videos/41.EXP312-Shellcode_03_06-Executing binzsh.mp4 |
2.9 MB |
| EXP-3012/Videos/42.EXP312-Shellcode_03_07-Putting the Bind Shell Together.mp4 |
11.1 MB |
| EXP-3012/Videos/43.EXP312-Shellcode_04_00-Writing Shellcode in C.mp4 |
2.2 MB |
| EXP-3012/Videos/44.EXP312-Shellcode_04_01-Writing execv Shellcode in C.mp4 |
3.4 MB |
| EXP-3012/Videos/45.EXP312-Shellcode_04_02-Eliminating RIP Relative Addressing.mp4 |
2 MB |
| EXP-3012/Videos/46.EXP312-Shellcode_04_03-Eliminating Calls into the __stub Section.mp4 |
2.8 MB |
| EXP-3012/Videos/47.EXP312-Shellcode_04_04-Locating execv Pointer and Running the Code.mp4 |
4.5 MB |
| EXP-3012/Videos/48.EXP312-Shellcode_05_00-Wrapping Up.mp4 |
795 KB |
| EXP-3012/Videos/49.EXP312-Injection_01_01-Performing an Injection.mp4 |
9.4 MB |
| EXP-3012/Videos/5.EXP312-Tools_01_03-jtool2.mp4 |
4 MB |
| EXP-3012/Videos/50.EXP312-Injection_01_03-Verifying Restrictions.mp4 |
18.7 MB |
| EXP-3012/Videos/51.EXP312-Injection_02_02-Dylib Loading Process and Hijacking Scenarios.mp4 |
18.2 MB |
| EXP-3012/Videos/52.EXP312-Injection_02_03-Finding Vulnerable Applications.mp4 |
7.8 MB |
| EXP-3012/Videos/53.EXP312-Injection_02_04-Performing Dylib Hijacking.mp4 |
7.8 MB |
| EXP-3012/Videos/54.EXP312-Injection_02_05-Hijacking Dlopen.mp4 |
4.8 MB |
| EXP-3012/Videos/55.EXP312-Mach_01_00-Mach Inter Process Communication (IPC) Concepts.mp4 |
7.7 MB |
| EXP-3012/Videos/56.EXP312-Mach_03_00-Injection via Mach Task Ports.mp4 |
1.1 MB |
| EXP-3012/Videos/57.EXP312-Mach_03_01-Getting the SEND Right.mp4 |
2.6 MB |
| EXP-3012/Videos/58.EXP312-Mach_03_02-Writing to Remote Process Memory.mp4 |
8.7 MB |
| EXP-3012/Videos/59.EXP312-Mach_03_03-Starting a Remote Thread.mp4 |
2.8 MB |
| EXP-3012/Videos/6.EXP312-Tools_02_00-Static Analysis with Hopper.mp4 |
3.4 MB |
| EXP-3012/Videos/60.EXP312-Mach_04_00-BlockBlock Case Study - Injecting execv Shellcode.mp4 |
689 KB |
| EXP-3012/Videos/61.EXP312-Mach_04_01-The Vulnerability.mp4 |
2 MB |
| EXP-3012/Videos/62.EXP312-Mach_04_02-The BlockBlock Shellcode.mp4 |
2.6 MB |
| EXP-3012/Videos/63.EXP312-Mach_04_03-Finding the Process ID.mp4 |
7.2 MB |
| EXP-3012/Videos/64.EXP312-Mach_04_04-Putting it Together.mp4 |
4 MB |
| EXP-3012/Videos/65.EXP312-Mach_05_00-Injecting a Dylib.mp4 |
1.8 MB |
| EXP-3012/Videos/66.EXP312-Mach_05_01-Promoting Mach Thread to POSIX Thread.mp4 |
6.2 MB |
| EXP-3012/Videos/67.EXP312-Mach_05_02-The Shellcode.mp4 |
13.8 MB |
| EXP-3012/Videos/68.EXP312-Hooking_01_01-Interposing printf.mp4 |
4.8 MB |
| EXP-3012/Videos/69.EXP312-Hooking_01_02-Interposing ioctl Calls.mp4 |
10.1 MB |
| EXP-3012/Videos/7.EXP312-Tools_02_01-Views in Hopper.mp4 |
8.4 MB |
| EXP-3012/Videos/70.EXP312-Hooking_02_04-Hooking Objective-C Methods.mp4 |
9.9 MB |
| EXP-3012/Videos/71.EXP312-Hooking_02_05-Sniffing a KeePass Master Password.mp4 |
9.4 MB |
| EXP-3012/Videos/72.EXP312-XPC_02_00-The Low Level C API XPC Services.mp4 |
7.7 MB |
| EXP-3012/Videos/73.EXP312-XPC_03_00-The Foundation Framework API.mp4 |
7.9 MB |
| EXP-3012/Videos/74.EXP312-XPC_06_00-CVE-2019-20057 - Proxyman Change Proxy Privileged Action Vulnerability.mp4 |
1.4 MB |
| EXP-3012/Videos/75.EXP312-XPC_06_02-CVE-2019-20057 - Exploitation.mp4 |
18.5 MB |
| EXP-3012/Videos/76.EXP312-XPC_07_00-CVE-2020-0984 - Microsoft Auto Update Privilege Escalation Vulnerability.mp4 |
1.9 MB |
| EXP-3012/Videos/77.EXP312-XPC_07_02-CVE-2020-0984 - Exploitation.mp4 |
16 MB |
| EXP-3012/Videos/78.EXP312-XPC_08_00-CVE-2019-8805 - Apple EndpointSecurity Framework Local Privilege Escalation.mp4 |
1.3 MB |
| EXP-3012/Videos/79.EXP312-XPC_08_01-CVE-2019-8805 - Root Cause Analysis.mp4 |
18.7 MB |
| EXP-3012/Videos/8.EXP312-Tools_02_02-Navigating the Code.mp4 |
5.5 MB |
| EXP-3012/Videos/80.EXP312-XPC_08_02-CVE-2019-8805 - Exploitation.mp4 |
7.4 MB |
| EXP-3012/Videos/81.EXP312-XPC_09_00-CVE-2020-9714 - Adobe Reader Update Local Privilege Escalation.mp4 |
2.3 MB |
| EXP-3012/Videos/82.EXP312-XPC_09_02-Analyzing the Patch.mp4 |
13.2 MB |
| EXP-3012/Videos/83.EXP312-XPC_09_03-CVE-2020-9714 - Exploitation.mp4 |
10.8 MB |
| EXP-3012/Videos/84.EXP312-Sandbox_01_02-Entering the Sandbox.mp4 |
24.8 MB |
| EXP-3012/Videos/85.EXP312-Sandbox_01_03-Disable Sandbox Through Interposing.mp4 |
2.9 MB |
| EXP-3012/Videos/86.EXP312-Sandbox_02_02-Writing Custom SBPL Profiles.mp4 |
5.6 MB |
| EXP-3012/Videos/87.EXP312-Sandbox_04_00-Case Study QuickLook Plugin SB Escape.mp4 |
2.3 MB |
| EXP-3012/Videos/88.EXP312-Sandbox_04_01-The QuickLook Vulnerability.mp4 |
1.6 MB |
| EXP-3012/Videos/89.EXP312-Sandbox_04_02-Creating QuickLook Plugins.mp4 |
9.1 MB |
| EXP-3012/Videos/9.EXP312-Tools_02_03-External C Function Resolution.mp4 |
4 MB |
| EXP-3012/Videos/90.EXP312-Sandbox_04_03-Escaping the Sandbox - QuickLook.mp4 |
7.9 MB |
| EXP-3012/Videos/91.EXP312-Sandbox_05_00-Case Study Microsoft Word Sandbox Escape.mp4 |
660 KB |
| EXP-3012/Videos/92.EXP312-Sandbox_05_01-The Word Vulnerability.mp4 |
4.9 MB |
| EXP-3012/Videos/93.EXP312-Sandbox_05_02-Escaping the Sandbox - Word.mp4 |
9.1 MB |
| EXP-3012/Videos/94.EXP312-TCC_01_01-The Consent Databases.mp4 |
13.3 MB |
| EXP-3012/Videos/95.EXP312-TCC_01_02-User Intent.mp4 |
8.7 MB |
| EXP-3012/Videos/96.EXP312-TCC_02_00-CVE-2020-29621 - Full TCC Bypass via coreaudiod.mp4 |
815 KB |
| EXP-3012/Videos/97.EXP312-TCC_02_01-CVE-2020-29621 Vulnerability Analysis.mp4 |
2.6 MB |
| EXP-3012/Videos/98.EXP312-TCC_02_02-The Private TCC API.mp4 |
9.9 MB |
| EXP-3012/Videos/99.EXP312-TCC_02_03-CVE-2020-29621 Exploitation.mp4 |
7.2 MB |
Magnet link
