CalvinBackup/SnakeAppleSecurityFiles
1
0
Fork 0
mirror of https://github.com/Karmaz95/Snake_Apple.git synced 2026-03-30 14:00:16 +02:00
Code Issues Packages Projects Releases Wiki Activity
264 Commits 1 Branch 11 Tags
e3442de04c5d52dcebff0c74a08429e338fb18b5
Commit Graph

264 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Karol Mazurek
e3442de04c Update README.md 2026-01-09 22:52:18 +01:00
Karol Mazurek
54bcddbce5 Add repository popularity section with star history chart 2025-12-25 08:31:37 +01:00
Karol Mazurek
190d6542d3 Add diff_apss.sh script for app patching analysis 2025-12-22 23:54:41 +01:00
Karol Mazurek
d4cbd1a64c Refactor comment 2025-12-22 20:01:10 +01:00
Karol Mazurek
ff55402c23 Add check_bundle_exe script for extracting executable names from macOS app bundles 2025-12-22 19:59:15 +01:00
Karol Mazurek
2b45f44b06 Add check_cs.sh wrapper 2025-12-18 13:29:58 +01:00
Karol Mazurek
0c0b9ad5b9 Merge branch 'main' of https://github.com/Karmaz95/Snake_Apple 2025-12-15 16:03:42 +01:00
Karol Mazurek
43e98834cc Fix error message formatting in check_paths method 2025-12-15 16:01:17 +01:00
Karol Mazurek
46e647ad47 Make find_symbol.py executable 2025-12-15 15:50:19 +01:00
Karol Mazurek
4d9bdde03a Add new hooks for process and vnode checks 2025-12-12 17:26:05 +01:00
Karol Mazurek
b3fbaacee6 Update TOOLS.md to include find_symbol documentation 2025-12-09 11:33:14 +01:00
Karol Mazurek
05e95dcf39 Add find_symbol.py script for locating symbols in PATH recursively 2025-12-09 11:33:03 +01:00
Karol Mazurek
d08cd41f2d Add IDA Pro MIG Subsystem Scanner for identifying and labeling MIG subsystems in Mach binaries 2025-12-07 20:28:07 +01:00
Karol Mazurek
ec2cfe8425 Change file mode of r2_dd.py to make it executable 2025-12-07 00:26:26 +01:00
Karol Mazurek
8d6a8b4c6b Add r2_dd documentation and usage examples to TOOLS.md 2025-12-06 22:27:38 +01:00
Karol Mazurek
5a906283f3 Add r2_dd script for binary extraction based on Virtual Addresses using radare2 2025-12-06 22:17:34 +01:00
Karol Mazurek
cac76ae2aa Add Lock to synchronize print statements and prevent stdout corruption when multiple threads write simultaneously. Example corruption before: 
```
DYLIB:/Applications/NordVPN.app/Contents/Frameworks/norddropFFI.framework/Versions/A/norddropFFI

/* No comment provided by engineer. */
"Update Error!" = "Virhe p�ivEXECUTE:/Applications/KnockKnock.app/Contents/MacOS/KnockKnock
```
 2025-12-06 21:38:19 +01:00
Karol Mazurek
1fda24819c Add final_secure_test_xpc.zip to the App Bundle Extension 2025-12-02 19:17:52 +01:00
Karol Mazurek
1ae188683a Add secure_test_xpc.zip to the App Bundle Extension 2025-12-02 18:53:33 +01:00
Karol Mazurek
de427b1cba Add secure_test_xpc.zip to the App Bundle Extension 2025-12-02 18:16:13 +01:00
Karol Mazurek
deb19c3858 Add link to "Dyld Shared Cache Patch Diffing based on CVE-2025-43400" in the table of contents 2025-11-01 14:37:53 +01:00
Karol Mazurek
32ea1c4eda Add link to "Threats of Unvalidated XPC Clients on macOS" in the table of contents 2025-10-27 09:56:25 +01:00
Karol Mazurek
e6f94ef223 Fix formatting issue in README.md 2025-10-18 15:24:13 +02:00
Karol Mazurek
3473985e92 Description update. 2025-10-18 15:23:14 +02:00
Karol Mazurek
2976102984 Add link to "Static Analysis on Decompiled Code" in the table of contents 2025-10-01 20:21:57 +02:00
Karol Mazurek
4345a0412e Fix: Add IOKit 16-scalar limit validation to prevent OOB access 
Validates scalar input/output counts in -y parameter don't exceed
IOKit's maximum of 16, preventing garbage values from array bounds.
 2025-09-27 17:10:10 +02:00
Karol Mazurek
29a3124b7e Add link to "Breaking Hardened Runtime: The 0-Day Microsoft Delivered to macOS" in the table of contents. 2025-09-15 17:47:00 +02:00
Karol Mazurek
38cc7865bc Update link for "AI-Enhanced Vulnerability Research" in the table of contents 2025-09-03 11:02:16 +02:00
Karol Mazurek
96a0c023f0 Add link to "To allow or not to get-task-allow, that is the question" in the table of contents and update Tools.md reference 2025-09-02 11:05:50 +02:00
Karol Mazurek
713178663d Add link to "Reverse Engineering Apple’s TCC Daemon: When Decompiled Code Lies" in the table of contents 2025-08-25 20:57:57 +02:00
Karol Mazurek
26efd8b1b1 Add link to "Mapping IOKit Methods Exposed to User Space on macOS" in the table of contents 2025-08-19 00:11:57 +02:00
Karol Mazurek
d5482eb959 Add link to "TCC Bypass in Visual Studio Code via misconfigured Node fuses" in the table of contents 2025-08-18 10:55:29 +02:00
Karol Mazurek
6553126bfc Adding article link "A mouse move that crashed the system – Stack Buffer Overflow in Display Driver on macOS" to README.md 2025-08-11 10:25:34 +02:00
Karol Mazurek
58f97f589c Add new article placeholders for "Apple Intelligence" and "AI-Enhanced Vulnerability Research" in the table of contents 2025-08-02 14:07:29 +02:00
Karol Mazurek
e1cdd27c28 Add link to "Applications Patch Diffing on macOS" in the table of contents 2025-08-01 09:31:35 +02:00
Karol Mazurek
30d7d0e9b4 Update README to enhance description of exclusive content for Elite Patrons and mark articles with asterisks 2025-07-25 21:02:17 +02:00
Karol Mazurek
4b827afe20 Create TCC CheatSheet.md 2025-07-25 08:07:46 +02:00
Karol Mazurek
2ffc0f982e Add article link for "Scaling Vulnerability Discovery on macOS" to README 2025-07-02 18:04:00 +02:00
Karol Mazurek
2cdd37a9ff Add link to "LLDB for Vulnerability Research" article in README 2025-06-16 15:54:18 +02:00
Karol Mazurek
9872ec6fc4 Fix typo in article link for System Integrity Protection 2025-06-12 01:42:09 +02:00
Karol Mazurek
06d77e7c09 Enhance ioconnectcallmethod_hook to generate unique filenames for dumped inputStruct and print IOConnectCallMethod return code 2025-06-11 00:04:42 +02:00
Karol Mazurek
0fd3c811db Add inputStruct dumping functionality to iokit_tracer with output directory support 2025-06-10 19:08:16 +02:00
Karol Mazurek
1962ab10ef Enhance trace_iokit command to utilize the current LLDB target/process if no PID or executable path is specified 2025-06-10 18:53:50 +02:00
Karol Mazurek
3f1f2e6228 Add error handling for subprocess output in dtrace scripts 2025-06-10 18:36:34 +02:00
Karol Mazurek
1a00625b0f Add IOVerify tool for IOKit driver communication verification 2025-06-09 15:32:42 +02:00
Karol Mazurek
8eb7589493 Add iokit_dump.py script for dumping IOKit IOConnectCallMethod data in LLDB 2025-06-09 02:34:05 +02:00
Karol Mazurek
2e208d662c Add iokit_tracer.py script for complete IOKit data inspection and tracing 2025-06-09 02:26:24 +02:00
Karol Mazurek
014ce2b5d5 Add dtrace_externalMethod.py script to trace IOConnectCallMethod kernel functions 2025-06-09 01:47:35 +02:00
Karol Mazurek
18dfa39f42 Add dtrace_NewUserClient.py script to trace kernel newUserClient calls on macOS 2025-06-09 01:39:38 +02:00
Karol Mazurek
b0439e7220 Add trace_ioserviceopen.py script to trace IOServiceOpen calls in LLDB 2025-06-09 01:38:54 +02:00