Overview
Syllabus
Announcements
Trivia
Introduction
What is auditing
Why are we talking about auditing
Mac security tools
Auditing mechanisms
FS events
FS events example
kdebug
subscribe
DTrace
OpenBSM
Audit Commit
Audit Control Files
Audit Logs
What's Next
Security Tools
Conceptual Overview
Connecting to the Audit Pipe
Configuring the Audit Pipe
Reading Data
Tokenization
Tokenization Example
Process Info Library
OpenBSM Auditing
Kernel Panic Log
Disassembly
Kernel Panic Diagram
Off-by-One Read
Kernel Information Leak
How Apple Patched
Kernel Bug
Create Null Terminator
Debugging
Mapping Register Values
BCopy
Heap Overflows
Kernel Heap Overflows
Recap
Look for bugs in betas
Python script
Max Security
kernel panic
Taught by
0xdade