دوره EXP-312: Advanced macOS Control Bypasses

  • OffSec
  • 868 بازدید
  • 0 نظر

Advanced macOS Control Bypasses (EXP-312) is our first macOS security course. It’s an offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses. EXP-312 is an advanced course that teaches the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems. Learners who complete the course and pass the exam earn the OffSec macOS Researcher (OSMR) certification.

Syllabus

  • Introduction to macOS internals
  • Debugging, Tracing   Hopper
  • Shellcoding in macOS
  • Dylib Injection
  • Mach and Mach injection
  • Hooking
  • XPC exploitation
  • Sandbox escape
  • Attacking privacy (TCC)
  • Symlink attacks
  • Kernel code execution
  • macOS Pentesting

EXP-312: Advanced macOS Control Bypasses