This course teaches how to create and bypass macOS firewalls, covering topics such as kernel-level socket filtering, communicating with user-mode components, installing privileged code securely, and implementing self-defense mechanisms. The course includes skills like registering a socket filter, understanding socket filter callbacks, and exploiting firewall vulnerabilities. The teaching method involves a talk format with a focus on practical demonstrations. The intended audience for this course includes cybersecurity professionals, network administrators, and individuals interested in macOS security.
Overview
Syllabus
Intro
Outline
The Goal
Registering a Socket Filter
Socket Filter Callbacks
Firewall Vulnerabilities
Bypassing Lulu
Generic Bypasses
Abusing DNS
Abusing Browsers
Kernel-based Bypasses
Finale
Taught by
Black Hat