After my previous post, I recieved a few comments about ptrace! I was curious and decided to explore this new track. In the post: ➡️ I used ptrace to prevent debugger attaching my program ➡️ I dived into xnu sources to reverse-engineer ptrace ⬇️⬇️⬇️⬇️

RT @bcomnes: Everything in and around Node.js was designed for direct run source artifacts. All of the recent pain around it (almost always…

RT @gergely_kalman: As promised here's a video of the - currently 0day - FDA bypass on macOS. I reported it to Apple ~2 months ago and a fi…

Nothing specific in logs ... ! I'll have to dig more :)

@vector35 I bought it two days ago haha! Good timing to interact tho! There is no trial for sidekick?

installing class-dump ... hugh!

@L0Psec Why doing this? Looks like gambling

RT @yo_yo_yo_jbo: I might have found the dumbest way to get your location in macOS without TCC.

@bruce_k3tta @MarceloRivero @patrickwardle @L0Psec It seems that it is a different one. I also found that one, which seems to use the same approach ...

Yesterday I saw a short by @korben about I’ll give it a shot

@bruce_k3tta @MarceloRivero @patrickwardle @L0Psec Thanks :)

@debug_majora @bruce_k3tta there is a registry for these malwares? it could be fun to RE them at some point

RT @MarceloRivero: DeepSeek fever! - Atomic Stealer (#AMOS), the top macOS threat, is already riding the wave.🐳 (sample via @bruce_k3tta) 🧐…

RT @L0Psec: New Video: This time, I get to focus a little more on specific arm64 instructions. As an RE, you will…

best playlist for reverse engineering

it will be usefull to re remote xpc objects