Mac OS X Reverse Engineering

Mac OS X

YEAR NAME AUTHOR(S) CONFERENCE
2003      
  Dynamically Overriding Mac OS X Jonathan Rentzsch N/A
  A Debugger with Gui in OS X Ivan Krizsan N/A
2004      
  Practical Mac OS X Insecurity Angelo Laub CCC
2005      
  MacOS Kernel Insecurity Ilja van Sprundel & Christian Klein N/A
  Infecting the Mach-O Object Format Nemo N/A
  Hacking Mac OS X Kernel for unsupported machines Ryan Rempel N/A
  FireWire: All your memory are belong to us Michael Becher & Maximillian Dornseif & Christian N. Klein Cansecwest
2006      
  Breaking Mac OS X Nemo, Ilja van Sprundel N/A
  Abusing Mach on Mac OS X Nemo N/A
  Hit by a Bus: Physical Access Attacks with Firewire Adam Boileau Ruxcon
  Hardware Virtualization Rootkits Dino Dai Zovi BlackHat
  Discovering Mac OS X Weaknesses Jay Beale Def Con 14
2007      
  Hacking Leopard Charlie Miller & Jake Honoroff N/A
  Inside the Mac OS X Kernel Lucy 24C3 2007
2008      
  Hacking OS X Charlie Miller BH Japan 08
  Dtrace The Reverse Engineer’s Unexpected Swiss Army Knife Tiller Beauchamp & David Weston BH US 08
  iRK – Crafting OS X Kernel Rootkits Jesse D’Aguanno BH US 08
  RETrace – Applied Reverse Engineering on OS X Tiller Beauchamp & David Weston Defcon 16
  Under the iHood Cameron Hotchkies Recon 2008
  Covering the tracks on Mac OS X Leopard Charles Scott N/A
  OS X Rootkits – the next level Alfredo Pesoli LaCon 2008
  How the Leopard hides his spots The Grugq HITB KL
2009      
  Advanced Mac OSX Rootkits (paper) Dino Dai Zovi N/A
  Advanced Mac OS X Rootkits Dino Dai Zovi N/A
  Runtime Kernel Patching on OS X Bosse Eriksson Defcon 17
  Mac OS Xploitation Dino Dai Zovi N/A
  Dynamic Tracing for Exploitation and Fuzzing Tiller Beauchamp & David Weston Shakacon 2009
  Mac OS X Malware Analysis Joel Yonts N/A
  Objective-c Internals André Pang N/A
  Hacking Macs for Fun and Profit Dino Dai Zovi & Charlie Miller CSW 2009
  Mac OS Xploitation Dino Dai Zovi Source 2009
  Debugging Cocoa with DTrace Colin Wheeler N/A
  Let your Mach-O fly Vincenzo Iozzo BH DC 09
  Dynamically Overriding Mac OS X – Down the Rabbit Hole Jonathan Rentzsch N/A
  Encryption Wrapper on OSX.pdf Unknown N/A
2010      
  Function hooking for OSX and Linux Joe Damato N/A
  Mac Os X Hacking Snow Leopard edition Charlie Miller N/A
  Advanced Mac OS X Physical Memory Analysis Matthieu Suiche BH DC 2010
  Advanced Mac OS X Physical Memory Analysis (paper) Matthieu Suiche BH DC 2010
  Post exploitation techniques on OSX and Iphone Vincenzo Iozzo EUSecwest
  Programacion de rootkits en Mac OS X.pdf Fernando López Hernández N/A
  Hacking at Mach speed Dino Dai Zovi N/A
  Mac OS X Return Oriented Exploitation Dino Dai Zovi N/A
  Having Fun with Apples IOKit Ilja van Sprundel N/A
2011      
  Defiling Mac OS X Kernel Rootkits Snare Ruxcon 2011
  Hacking at Mach2 Dino Dai Zovi N/A
  The Apple Sandbox (paper) Dionysus Blazakis BH DC 2011
  The Apple Sandbox Dionysus Blazakis BH DC 2011
  Battery Firmware Hacking Charlie Miller N/A
  Macs in the Age of APT iSEC Partners BH USA 2011
  Protecting the core – Kernel Exploitation mitigations Patroklos Argyroudis & Dimitris Glynos BH EU 2011
  Protecting the core – Kernel Exploitation mitigations (paper) Patroklos Argyroudis & Dimitris Glynos BH EU 2011
2012      
  Syscan12 – DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS Snare Syscan Singapore 12
  Hack Mac OS X – Tips and tricks for Mac OS X hack sud0man GSDays 2012
  Ruxcon – DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS Snare Ruxcon
  How to re-engineer OSX to behave the way you want Stephen Sykes CodeBits 2012
  Mac Memory Analysis with Volatility Andrew Case DFIR Summit
  OS/X Flashback ESET N/A
  When Macs Get Hacked Sarah Edwards DFIR Summit
  Analysis & Correlation of Mac Logs Sarah Edwards DFIR Summit
  Infiltrate the Vault – Security Analysis and Decryption of Lion Full Disk Encryption Omar Choudary & Felix Grobert & Joachim Metz N/A
  FORENSIC MEMORY ANALYSIS FOR APPLE OS X Andrew F. Hay N/A
  EFI Rootkits Andreas Galauner SIGINT
  DE MYSTERIIS DOM JOBSIVS Mac EFI Rootkits (paper) Snare Black Hat
  DE MYSTERIIS DOM JOBSIVS Mac EFI Rootkits Snare Black Hat
  FLASHBACK OS X MALWARE (paper) Broderick Ian Aquilino VB2012
  FLASHBACK OS X MALWARE Broderick Ian Aquilino VB2012
  Backdoor.Flashback (Russian) Dr Web N/A
  Mac OS X Malware Overview (Russian) Ivan Sorokin ZeroNights
  XNU: A security evaluation Daan Keuper  
2013      
  Destructive DTrace Nemo Infiltrate13
  Revisiting Mac OS X Kernel Rootkits fG! SyScan13
  Mountain Lion and iOS Vulnerabilities Garage Sale Stefan Esser SyScan13
  Mountain Lion and iOS Vulnerabilities Garage Sale (whitepaper) Stefan Esser SyScan13
  OS X Hardening – Mountain Lion 10.8 ERNW N/A
  Ninjas and Harry Potter – “Spell”unking in Apple SMC land Alex Ionescu No Such Con
2014      
  Reverse Engineering Mac Malware Sarah Edwards BsidesNoLA
  Methods of Malware Persistence on OS X Mavericks Patrick Wardle Shakacon
  Methods of Malware Persistence on OS X Mavericks Patrick Wardle VB2014 Seattle
  OS X Yosemite Artifacts – Call history and SMS analysis nofate N/A
  BadXNU – A rotten apple! fG! CODE BLUE
  In lieu of swap: Analyzing compressed RAM in Mac OS X and Linux Andrew Case, Golden G. Richard III DFRWS
2015      
  Fuzzing OS X at Scale Ben Nagy Infiltrate
  Mac OS X Forensics Joaquin Moreno Garijo N/A
  Unauthorized Cross-App Resource Access on MAC OS X and iOS Various Authors N/A
  WRITING BAD @$$ MALWARE FOR OS X Patrick Wardle Infiltrate
  WRITING BAD @$$ MALWARE FOR OS X Patrick Wardle BlackHat US
  DYLIB HIJACKING ON OS X Patrick Wardle Virus Bulletin
  Exposing Gatekeeper Patrick Wardle VB2015 Prague
  Thunderstrike 2: Sith Strike (draft version, briefly available) Trammell Hudson, Corey Kallenberg & Xeno Kovah BlackHat US
  Thunderstrike 2: Sith Strike (final version) Trammell Hudson, Corey Kallenberg & Xeno Kovah BlackHat US
  Thunderstrike 2: Sith Strike – A MacBook firmware worm Trammell Hudson, Corey Kallenberg & Xeno Kovah HITB GSEC
  Is there an EFI monster inside your apple? fG! 44CON
  Is there an EFI monster inside your apple? fG! SyScan360 Beijing
  Is there an EFI monster inside your apple? fG! CODE BLUE
  OS X Kernel is As Strong as its Weakest Part Liang Chen and ShuaiTian Zhao POC
  BadXNU – A rotten apple! fG! SyScan
  Is there an EFI monster inside your apple? fG! No cON Name
  BadXNU – A rotten apple! fG! No cON Name
  IPv6 Hardening Guide for OS-X ERNW N/A
  DTrace + OS X = Fun Andrzej Dyjak Confidence
  Advancing Mac OS X rootkit detection Andrew Case, Golden G. Richard III DFRWS
  Code Signing – Hashed Out Jonathan Levin RSA
2016      
  Memory Corruption is for Wussies! fG! SyScan360 Singapore

iOS

YEAR NAME AUTHOR(S) CONFERENCE
2008      
  Primer on Reversing Jailbroken iPhone Native Applications Shub-Nigurrath N/A
2009      
  Fun and Games with Mac OS X and iPhone Payloads Charlie Miller & Vincenzo Iozzo BH EU 2009
  Patching Applications from Apple AppStore with additional protection Reilly N/A
2010      
  iPhone Rootkit? There’s an App for that! Eric Monti ToorCon 2010
  iPhone security model & vulnerabilities Cedric Halbronn & Jean Sigwald HITB SecConf 2010
  iPhone Privacy Nicolas Seriot BH DC 2010
  Adding ASLR to jailbroken iPhones Stefan Esser POC 2010
2011      
  iNception – Planting and Extracting Sensitive Data From Your iPhone’s Subconscious Laurent Oudot HITB Amsterdam
  iPhone Data Protection in Depth Jean-Baptiste Bédrune & Jean Sigwald N/A
  Auditing iPhone and iPad applications Ilja van Sprundel N/A
  Practical Consideration of iOS Device Encryption Security Jens Heider & Matthias Boll N/A
  Apple iOS 4 Security Evaluation Dino Dai Zovi BH US 2011
  Apple iOS 4 Security Evaluation (paper) Dino Dai Zovi BH US 2011
  OVERCOMING iOS DATA PROTECTION TO RE-ENABLE iPHONE FORENSICS Andrey Belenko BH US 2011
  OVERCOMING iOS DATA PROTECTION TO RE-ENABLE iPHONE FORENSICS (paper) Andrey Belenko BH US 2011
  Exploiting the iOS Kernel Stefan Esser BH US 2011
  Exploiting the iOS Kernel (paper) Stefan Esser BH US 2011
  iPhone Exploitation – One ROPe to Bind Them All? Stefan Esser HITB Malaysia 2011
  iPhone Espionage Keith Lee N/A
  Antid0te 2.0 – ASLR in iOS Stefan Esser HITB Amsterdam
  Targeting The IOS Kernel Stefan Esser SyScan11 Singapore
  Baseband Playground Luis Miras Ekoparty 7
  Dont Hassle the Hoff : Breaking iOS code signing Charlie Miller Syscan11 Taipei
  iOS Kernel Exploitation, IOKit Edition Stefan Esser SyScan11 Taipei
  Secure Development on iOS David Thiel PacSec 2011
  An analysis on iOS Jailbreak Huang Heqing N/A
  An analysis on iOS Jailbreak (presentation) Huang Heqing N/A
  Evolution of iOS Data Protection and iPhone Forensics: from iPhone OS to iOS 5 Andrey Belenko & Dmitry Sklyarov BH Abu Dhabi 2011
  iOS applications reverse engineering Julien Bachmann SCS 2011
  Apple iPad In the Work Place Russ Spooner N/A
  Attacking and Defending Apple iOS Devices in the Enterprise Tom Eston N/A
  Writing secure iOS applications Ilja van Sprundel N/A
2012      
  iOS5 An Exploitation Nightmare? Stefan Esser CanSecWest 2012
  iOS Application (In)Security Dominic Chell OWASP Ireland
  iOS Application (In)Security (paper) MDSec N/A
  iOS Applications – Different Developers Same Mistakes Paul Craig Syscan12 Singapore
  iOS Kernel Heap Armageddon Stefan Esser Syscan12 Singapore
  Evaluating iOS Applications MDSec OWASP Manchester
  “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really? Andrey Belenko & Dmitry Sklyarov BH EU 2012
  “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really? (paper) Andrey Belenko & Dmitry Sklyarov BH EU 2012
  Corona Jailbreak for iOS 5.0 Jailbreak Dream Team HiTB Amsterdam
  Corona Jailbreak for iOS 5.0.1 Jailbreak Dream Team HiTB Amsterdam
  Absinthe Jailbreak for iOS 5.0.1 Jailbreak Dream Team HiTB Amsterdam
  iOS 6 Security: A Hacker’s Guide Mark Dowd & Tarjei Mandt HiTB KL
  Find Your Own iOS Kernel Bug Xu Hao & Xiaobo Chen POC
  Practical iOS Apps hacking (paper) Mathieu Renard GreHack
  Defending Data on iOS Securosis, LLC N/A
  Jailbreaking Techniques pod2g WWJC
  Downgrading iOS: SHSH Blobs & APTickets iH8sn0w WWJC
  A Close-Up on Jailbreaking and Tweak Development Nikias Bassen WWJC
  iOS applications auditing Julien Bachmann AppSec Forum
  Pentesting iOS Apps: Runtime Analysis and Manipulation Andreas Kurtz DeepSec
  Practical iOS Apps hacking (slides) Mathieu Renard GreHack
  Hacking iOS Applications Mathieu Renard Hack.lu
2013      
  Attacking the iOS Kernel: A Look at ‘evasi0n’ Tarjei Mandt NIS
  Swiping Through Modern Security Features evad3rs HiTB Amsterdam
  Blackbox analysis of iOS apps Dmitry Evdokimov Zero Nights
2014      
  Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices JONATHAN ZDZIARSKI HOPE/X
  Reversing iOS Apps – a practical approach Patrick Wardle T2
  Exploiting Unpatched iOS Vulnerabilities for Fun and Profit Various Authors N/A
  idb – iOS Blackbox Pentesting Daniel A. Mayer ShmooCon
  Exploring and Exploiting iOS Web Browsers Lukasz Pilorz, Marek Zmyslowski HITB Amsterdam
2015      
  iOS 678 Security – Study in Fail Stefan Esser SyScan
  Optimized Fuzzing IOKIT in iOS Lei Long BlackHat US
  Optimized Fuzzing IOKIT in iOS (paper) Lei Long BlackHat US
  Review and Exploit Neglected Attack Surface in iOS 8 Pangu Team BlackHat US
  Hacking from iOS 8 to iOS 9 Pangu Team RUXCON/POC

Firmware

YEAR NAME AUTHOR(S) CONFERENCE
2012      
  New Results for Timing-Based Attestation Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth 2012 IEEE Symposium on Security and Privacy
  No More Hooks: Trustworthy Detection of Code Integrity Attacks Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth DefCon 20
2013      
  BIOS Chronomancy: Fixing the Core Root of Trust for Measurement John Butterworth, Xeno Kovah, Corey Kallenberg BlackHat US
  BIOS Chronomancy: Fixing the Core Root of Trust for Measurement (paper) John Butterworth, Xeno Kovah, Corey Kallenberg BlackHat US
2014      
  All Your Boot Are Belong To Us Yuriy Bulygin, Andrew Furtak, Oleksandr Bazhaniuk, John Loucaides CanSecWest
  All Your Boot Are Belong To Us Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell CanSecWest
  Attacks on UEFI Security Rafal Wojtczuk, Corey Kallenberg 31c3
  Attacking UEFI Boot Script Rafal Wojtczuk, Corey Kallenberg 31c3
  Copernicus 2: SENTER the Dragon! Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell CanSecWest
  SENTER Sandman: Using Intel TXT to Attack BIOSes Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell HITB
  SENTER Sandman: Using Intel TXT to Attack BIOSes (paper) Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell HITB
  Defeating Signed BIOS Enforcement Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell N/A
  Analyzing UEFI BIOS from Attacker & Defender Viewpoints Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell BlackHat EU
  Into the Unknown: How to Detect BIOS-level attackers Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell VB 2014
  Into the Unknown: Assessing your BIOS vulnerabilities Corey Kallenberg, John Butterworth, Sam Cornwell, Bob Heinemann MIRcon
  Extreme Privilege Escalation on Windows 8/UEFI Systems Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell BlackHat US
  Extreme Privilege Escalation on Windows 8/UEFI Systems (paper) Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell BlackHat US
  Setup For Failure: Defeating Secure Boot Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell SyScan
  Setup For Failure: Defeating Secure Boot (paper) Corey Kallenberg, Xeno Kovah, John Butterworth, Sam Cornwell SyScan
2015      
  BIOS Necromancy: Utilizing “Dead Code” for BIOS Attacks Corey Kallenberg & Xeno Kovah HITB GSEC
  Betting BIOS Bugs Won’t Bite Y’er Butt? Corey Kallenberg & Xeno Kovah ShmooCon
  How Many Million BIOSes Would you Like to infect? Corey Kallenberg & Xeno Kovah CanSecWest
  How Many Million BIOSes Would you Like to infect? (paper) Corey Kallenberg & Xeno Kovah CanSecWest
  Are you giving firmware attackers a free pass? Corey Kallenberg & Xeno Kovah RSA
