Commit Graph

  • e3442de04c Update README.md main Karol Mazurek 2026-01-09 22:52:18 +01:00
  • 54bcddbce5 Add repository popularity section with star history chart Karol Mazurek 2025-12-25 08:31:37 +01:00
  • 190d6542d3 Add diff_apss.sh script for app patching analysis Karol Mazurek 2025-12-22 23:54:41 +01:00
  • d4cbd1a64c Refactor comment Karol Mazurek 2025-12-22 20:01:10 +01:00
  • ff55402c23 Add check_bundle_exe script for extracting executable names from macOS app bundles Karol Mazurek 2025-12-22 19:59:15 +01:00
  • 2b45f44b06 Add check_cs.sh wrapper Karol Mazurek 2025-12-18 13:29:58 +01:00
  • 0c0b9ad5b9 Merge branch 'main' of https://github.com/Karmaz95/Snake_Apple Karol Mazurek 2025-12-15 16:03:42 +01:00
  • 43e98834cc Fix error message formatting in check_paths method Karol Mazurek 2025-12-15 16:01:17 +01:00
  • 46e647ad47 Make find_symbol.py executable Karol Mazurek 2025-12-15 15:50:19 +01:00
  • 4d9bdde03a Add new hooks for process and vnode checks Karol Mazurek 2025-12-12 17:26:05 +01:00
  • b3fbaacee6 Update TOOLS.md to include find_symbol documentation Karol Mazurek 2025-12-09 11:33:14 +01:00
  • 05e95dcf39 Add find_symbol.py script for locating symbols in PATH recursively Karol Mazurek 2025-12-09 11:33:03 +01:00
  • d08cd41f2d Add IDA Pro MIG Subsystem Scanner for identifying and labeling MIG subsystems in Mach binaries Karol Mazurek 2025-12-07 20:28:07 +01:00
  • ec2cfe8425 Change file mode of r2_dd.py to make it executable Karol Mazurek 2025-12-07 00:26:26 +01:00
  • 8d6a8b4c6b Add r2_dd documentation and usage examples to TOOLS.md Karol Mazurek 2025-12-06 22:27:38 +01:00
  • 5a906283f3 Add r2_dd script for binary extraction based on Virtual Addresses using radare2 Karol Mazurek 2025-12-06 22:17:34 +01:00
  • cac76ae2aa Add Lock to synchronize print statements and prevent stdout corruption when multiple threads write simultaneously. Example corruption before: `DYLIB:/Applications/NordVPN.app/Contents/Frameworks/norddropFFI.framework/Versions/A/norddropFFI` Karol Mazurek 2025-12-06 21:38:19 +01:00
  • 1fda24819c Add final_secure_test_xpc.zip to the App Bundle Extension Karol Mazurek 2025-12-02 19:17:52 +01:00
  • 1ae188683a Add secure_test_xpc.zip to the App Bundle Extension Karol Mazurek 2025-12-02 18:53:33 +01:00
  • de427b1cba Add secure_test_xpc.zip to the App Bundle Extension Karol Mazurek 2025-12-02 18:16:13 +01:00
  • deb19c3858 Add link to "Dyld Shared Cache Patch Diffing based on CVE-2025-43400" in the table of contents Karol Mazurek 2025-11-01 14:37:53 +01:00
  • 32ea1c4eda Add link to "Threats of Unvalidated XPC Clients on macOS" in the table of contents Karol Mazurek 2025-10-27 09:56:25 +01:00
  • e6f94ef223 Fix formatting issue in README.md Karol Mazurek 2025-10-18 15:24:13 +02:00
  • 3473985e92 Description update. Karol Mazurek 2025-10-18 15:23:14 +02:00
  • 2976102984 Add link to "Static Analysis on Decompiled Code" in the table of contents Karol Mazurek 2025-10-01 20:21:57 +02:00
  • 4345a0412e Fix: Add IOKit 16-scalar limit validation to prevent OOB access Karol Mazurek 2025-09-27 17:10:10 +02:00
  • 29a3124b7e Add link to "Breaking Hardened Runtime: The 0-Day Microsoft Delivered to macOS" in the table of contents. Karol Mazurek 2025-09-15 17:47:00 +02:00
  • 38cc7865bc Update link for "AI-Enhanced Vulnerability Research" in the table of contents Karol Mazurek 2025-09-03 11:02:16 +02:00
  • 96a0c023f0 Add link to "To allow or not to get-task-allow, that is the question" in the table of contents and update Tools.md reference Karol Mazurek 2025-09-02 11:05:50 +02:00
  • 713178663d Add link to "Reverse Engineering Apple’s TCC Daemon: When Decompiled Code Lies" in the table of contents Karol Mazurek 2025-08-25 20:57:57 +02:00
  • 26efd8b1b1 Add link to "Mapping IOKit Methods Exposed to User Space on macOS" in the table of contents Karol Mazurek 2025-08-19 00:11:57 +02:00
  • d5482eb959 Add link to "TCC Bypass in Visual Studio Code via misconfigured Node fuses" in the table of contents Karol Mazurek 2025-08-18 10:55:29 +02:00
  • 6553126bfc Adding article link "A mouse move that crashed the system – Stack Buffer Overflow in Display Driver on macOS" to README.md Karol Mazurek 2025-08-11 10:25:34 +02:00
  • 58f97f589c Add new article placeholders for "Apple Intelligence" and "AI-Enhanced Vulnerability Research" in the table of contents Karol Mazurek 2025-08-02 14:07:29 +02:00
  • e1cdd27c28 Add link to "Applications Patch Diffing on macOS" in the table of contents Karol Mazurek 2025-08-01 09:31:35 +02:00
  • 30d7d0e9b4 Update README to enhance description of exclusive content for Elite Patrons and mark articles with asterisks Karol Mazurek 2025-07-25 21:02:17 +02:00
  • 4b827afe20 Create TCC CheatSheet.md Karol Mazurek 2025-07-25 08:07:46 +02:00
  • 2ffc0f982e Add article link for "Scaling Vulnerability Discovery on macOS" to README Karol Mazurek 2025-07-02 18:04:00 +02:00
  • 2cdd37a9ff Add link to "LLDB for Vulnerability Research" article in README Karol Mazurek 2025-06-16 15:54:18 +02:00
  • 9872ec6fc4 Fix typo in article link for System Integrity Protection Karol Mazurek 2025-06-12 01:42:09 +02:00
  • 06d77e7c09 Enhance ioconnectcallmethod_hook to generate unique filenames for dumped inputStruct and print IOConnectCallMethod return code Karol Mazurek 2025-06-11 00:04:42 +02:00
  • 0fd3c811db Add inputStruct dumping functionality to iokit_tracer with output directory support Karol Mazurek 2025-06-10 19:08:16 +02:00
  • 1962ab10ef Enhance trace_iokit command to utilize the current LLDB target/process if no PID or executable path is specified Karol Mazurek 2025-06-10 18:53:50 +02:00
  • 3f1f2e6228 Add error handling for subprocess output in dtrace scripts Karol Mazurek 2025-06-10 18:36:34 +02:00
  • 1a00625b0f Add IOVerify tool for IOKit driver communication verification Karol Mazurek 2025-06-09 15:32:42 +02:00
  • 8eb7589493 Add iokit_dump.py script for dumping IOKit IOConnectCallMethod data in LLDB Karol Mazurek 2025-06-09 02:34:05 +02:00
  • 2e208d662c Add iokit_tracer.py script for complete IOKit data inspection and tracing Karol Mazurek 2025-06-09 02:26:24 +02:00
  • 014ce2b5d5 Add dtrace_externalMethod.py script to trace IOConnectCallMethod kernel functions Karol Mazurek 2025-06-09 01:47:35 +02:00
  • 18dfa39f42 Add dtrace_NewUserClient.py script to trace kernel newUserClient calls on macOS Karol Mazurek 2025-06-09 01:39:38 +02:00
  • b0439e7220 Add trace_ioserviceopen.py script to trace IOServiceOpen calls in LLDB Karol Mazurek 2025-06-09 01:38:54 +02:00
  • 95752eefc7 Add print_methods function to display external methods details in IDA Karol Mazurek 2025-06-08 00:50:59 +02:00
  • 0f8df62d82 Enhance IDA script for IOExternalMethodDispatch structures: - Added support for struct_type argument in create_external_method_dispatch_struct and format_external_method_array functions. - Updated documentation for usage and structure formats. - Improved handling of specific fields for IOExternalMethodDispatch2022. Karol Mazurek 2025-06-08 00:50:34 +02:00
  • bcc9f34241 Information Update Karol Mazurek 2025-05-31 23:26:27 +02:00
  • ac5c9c9799 Add link to "Threat of TCC Bypasses on macOS" article in README.md Karol Mazurek 2025-05-26 12:16:03 +02:00
  • 85fc5ffea3 Fixing links in README.md Karol Mazurek 2025-05-23 10:27:12 +02:00
  • 1bca0fd124 Adding "Case Study: IOMobileFramebuffer NULL Pointer Dereference" article link to README.md asdh1qwe 2025-04-22 11:05:15 +02:00
  • 78e70edcbb Adding "History of NULL Pointer Dereferences on macOS" article link to README.md Karmaz95 2025-03-28 19:52:47 +01:00
  • 7c5d445980 Minor changes to README.md in "WHY UROBOROS?" section. Karmaz95 2025-02-15 15:25:39 +01:00
  • fccc122ba5 Detaching Tools section from README.md to TOOLS.md file. Karmaz95 2025-02-15 15:20:59 +01:00
  • 0ef9bd433e Adding a note for the Articles section of the README.md about free access to Medium links. Karmaz95 2025-02-15 11:00:58 +01:00
  • 58b2a53831 Adding "Case Study: Analyzing macOS IONVMeFamily NS_01 Driver Denial of Service Issue" article link. Karmaz95 2025-02-12 13:33:13 +01:00
  • 2d0f12c15a Adding SLAP & FLOP: Apple Silicon’s Data Speculation Vulnerabilities article. Karmaz95 2025-01-30 17:25:38 +01:00
  • 2fb33d88be Patrons update Karmaz95 2025-01-30 12:20:13 +01:00
  • dab7384bc8 Merge pull request #2 from devnoname120/fix-electron-patcher Karol Mazurek 2025-01-08 11:31:46 +01:00
  • deb421a620 Fix electron patching Paul 2025-01-05 18:57:23 +01:00
  • 2e4fe54a6f Adding XNU article friend link v1.1 Karmaz95 2024-12-30 21:06:08 +01:00
  • 6915ce42a4 Patching single "=" typo in requirements.txt Karmaz95 2024-12-27 01:10:37 +01:00
  • 603e984ed4 CrimsonUroboros --help update Karmaz95 2024-12-26 18:01:52 +01:00
  • 06db486a74 Adding test_parse_mpo to XNU testing class Karmaz95 2024-12-26 17:54:59 +01:00
  • 6223fc3df2 Moving dump_kext to XNU class Karmaz95 2024-12-26 17:36:13 +01:00
  • 116c826b9c Update CrimsonUroboros with XNU Karmaz95 2024-12-26 16:47:29 +01:00
  • a0e9a1500f Adding a link to the Drivers on macOS article. Karmaz95 2024-12-26 04:08:32 +01:00
  • 532c6cf56f Updated, but still need some work Karmaz95 2024-12-25 07:16:08 +01:00
  • 514b18d64f Adding AppleJPEGDriver_method_1.cpp Karmaz95 2024-12-25 06:02:41 +01:00
  • 24cd4ccb58 Adding IOConnectCallMethod simple examples Karmaz95 2024-12-25 01:29:41 +01:00
  • a49923016b IDA script for IOExternalMethodDispatch2022 array parsing Karmaz95 2024-12-24 23:31:11 +01:00
  • 0a576da592 Uploading example C programs for driver article. Karmaz95 2024-12-23 13:17:48 +01:00
  • 7a0de01576 Adding link to XPC Programming on macOS Karmaz95 2024-12-21 12:44:02 +01:00
  • 2107b01887 Uploading LLDB helper for setting XPC breakpoints Karmaz95 2024-12-20 22:41:32 +01:00
  • 684d03c491 Uploading LaunchDaemon XPC service example Karmaz95 2024-12-20 02:02:18 +01:00
  • 83db8c656d test_terminal_xpc update Karmaz95 2024-12-18 22:43:58 +01:00
  • 3f1b032bff Moving XPC to App Bundle Extension directory from XNU Karmaz95 2024-12-18 22:35:45 +01:00
  • b920d49964 Uploading test_termina_xpc bundle app Karmaz95 2024-12-18 22:33:55 +01:00
  • 917088a2ec Adding Mach IPC Security on macOS article link Karmaz95 2024-12-17 18:27:33 +01:00
  • 9f195f010b Uploading code that demonstrates process injection on macOS using the Mach kernel APIs Karmaz95 2024-12-17 15:29:54 +01:00
  • 1e0787cef8 Uploading scripts for special ports enumeration Karmaz95 2024-12-17 03:27:51 +01:00
  • 5f2f010eb7 Update to enum_special_port_rights Karmaz95 2024-12-17 03:21:09 +01:00
  • 2b125144ea Uploading service_lookup Karmaz95 2024-12-17 02:40:51 +01:00
  • fe6dcb3b79 Update for port_inspector Karmaz95 2024-12-17 02:11:37 +01:00
  • 975b88ffcc Adding port_inspector.c Karmaz95 2024-12-16 16:11:02 +01:00
  • 3f3d5355b3 Adding client_server NSNotification example Karmaz95 2024-12-16 15:21:42 +01:00
  • 043c2714f1 Adding client_server CFMessagePort example Karmaz95 2024-12-16 14:45:50 +01:00
  • b735706891 Adding client_server NSMachPort example Karmaz95 2024-12-16 14:35:30 +01:00
  • 5e6daa4a92 Adding client_server NSConnection example Karmaz95 2024-12-16 14:12:52 +01:00
  • 9a58e93e3c Karmaz95 2024-12-15 22:55:06 +01:00
  • 63971e56bc Move enum_special_port_rights to mach_ipc directory Karmaz95 2024-12-15 18:53:49 +01:00
  • 25dd6a7ef2 Adding example Mach IPC client-server with and without MIG Karmaz95 2024-12-15 17:56:29 +01:00
  • 0b585a6e33 Enumerates our task rights to special ports Karmaz95 2024-12-14 22:29:58 +01:00
  • 94ac0a9eda Adding CommPageParser Karmaz95 2024-12-11 19:33:33 +01:00
  • dcd13d7e7a Adding Kernel Extensions on macOS link. Karmaz95 2024-12-10 19:27:04 +01:00