Ming-chieh Pan (Nanika) Sung-ting Tsai (TT)

Volatility for Mac OS X
Volatility
Volatility is a well-known memory forensics tool.
Newer versions of Volatility support Mac OS X.
It can also detect the rubilyn rootkit.
Bypass Detection
Launchd
kext_request()
MKEXT
<dict>
<key>Kext Request Predicate</key> <string>Load</string>
<key>Kext Request Arguments</key>...
<key>_MKEXTInfoDictionaries</key>
<array>...
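The slides only show the shape of the request that kext_request() receives for a "Load": a plist whose top-level dict carries the request predicate, the request arguments and an _MKEXTInfoDictionaries array, all wrapped in an MKEXT container. The following Python is an added example, not code from the slides or from Apple: it builds a minimal MKEXT v2 image around exactly such a request plist and then parses it back, checking the magic, the length, both adler32 checksums and the per-kext file entries the way a forensic script would when it pulls an mkext blob out of a memory image. The header layout, the MKEXT_VERS_2 value, the _MKEXTBundlePath and _MKEXTExecutable key names, the use of zlib for compression and the "CFBundleIdentifier" request argument are taken from my reading of Apple's libkern/mkext.h and kextload behaviour and are assumptions to verify against the XNU source; the sample kext info and the fake Mach-O bytes are constructed for the example.

```python
import plistlib
import struct
import zlib

# Layout of an MKEXT v2 container as I recall it from Apple's libkern/mkext.h
# (assumption: cross-check every field against the header in the XNU source tree).
MKEXT_MAGIC = 0x4D4B5854          # 'MKXT'
MKEXT_SIGN = 0x4D4F5358           # 'MOSX'
MKEXT_VERS_2 = 0x02002001
CPU_TYPE_X86_64 = 0x01000007
CPU_SUBTYPE_X86_64_ALL = 3

# mkext_basic_header: magic, signature, length, adler32, version, numkexts, cputype, cpusubtype (big-endian)
BASIC_HDR = struct.Struct(">IIIIIIii")
# mkext2_header extension: plist_offset, plist_compressed_size, plist_full_size, plist_adler32
MKEXT2_HDR = struct.Struct(">IIII")
# mkext2_file_entry: compressed_size (0 = stored uncompressed), full_size, then the bytes
FILE_ENTRY = struct.Struct(">II")
HEADER_LEN = BASIC_HDR.size + MKEXT2_HDR.size   # 48 bytes

KEY_PREDICATE = "Kext Request Predicate"       # shown on the slide
KEY_ARGUMENTS = "Kext Request Arguments"       # shown on the slide
KEY_INFO_DICTS = "_MKEXTInfoDictionaries"      # shown on the slide
KEY_BUNDLE_PATH = "_MKEXTBundlePath"           # assumed key name
KEY_EXECUTABLE = "_MKEXTExecutable"            # assumed key name: file offset of the entry


def build_mkext2(kexts, predicate="Load", arguments=None):
    """Pack (info_dict, bundle_path, executable_bytes) tuples into an MKEXT v2 image
    whose embedded plist is a kext_request() request with the given predicate."""
    body = bytearray()
    info_dicts = []
    for info, bundle_path, executable in kexts:
        entry = dict(info)
        entry[KEY_BUNDLE_PATH] = bundle_path
        if executable is not None:
            entry[KEY_EXECUTABLE] = HEADER_LEN + len(body)   # absolute offset of the file entry
            packed = zlib.compress(executable)
            body += FILE_ENTRY.pack(len(packed), len(executable)) + packed
        info_dicts.append(entry)
    request = {KEY_PREDICATE: predicate,
               KEY_ARGUMENTS: dict(arguments or {}),
               KEY_INFO_DICTS: info_dicts}
    plist = plistlib.dumps(request, fmt=plistlib.FMT_XML)
    packed_plist = zlib.compress(plist)
    plist_offset = HEADER_LEN + len(body)
    body += packed_plist
    # The adler32 in the basic header covers everything after the adler32 field itself.
    tail = (struct.pack(">IIii", MKEXT_VERS_2, len(info_dicts), CPU_TYPE_X86_64, CPU_SUBTYPE_X86_64_ALL)
            + MKEXT2_HDR.pack(plist_offset, len(packed_plist), len(plist), zlib.adler32(plist))
            + bytes(body))
    return struct.pack(">IIII", MKEXT_MAGIC, MKEXT_SIGN, 16 + len(tail), zlib.adler32(tail)) + tail


def parse_mkext2(data):
    """Validate an MKEXT v2 image and return the request predicate, arguments and kexts it carries.
    Raises ValueError on any structural or checksum problem instead of trusting the headers."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated header")
    magic, sign, length, adler, version, numkexts, _cpu, _sub = BASIC_HDR.unpack_from(data, 0)
    if (magic, sign) != (MKEXT_MAGIC, MKEXT_SIGN):
        raise ValueError("not an MKEXT image")
    if version != MKEXT_VERS_2:
        raise ValueError("unsupported MKEXT version 0x%08x" % version)
    if length != len(data) or zlib.adler32(data[16:]) != adler:
        raise ValueError("length or adler32 mismatch: image is truncated or tampered")
    poff, pcsize, pfsize, padler = MKEXT2_HDR.unpack_from(data, BASIC_HDR.size)
    raw = data[poff:poff + (pcsize or pfsize)]
    plist = zlib.decompress(raw) if pcsize else raw
    if len(plist) != pfsize or zlib.adler32(plist) != padler:
        raise ValueError("embedded plist corrupt")
    request = plistlib.loads(plist)
    kexts = []
    for info in request.get(KEY_INFO_DICTS, []):
        executable = None
        off = info.get(KEY_EXECUTABLE)
        if off is not None:
            csize, fsize = FILE_ENTRY.unpack_from(data, off)
            blob = data[off + FILE_ENTRY.size:off + FILE_ENTRY.size + (csize or fsize)]
            executable = zlib.decompress(blob) if csize else blob
            if len(executable) != fsize:
                raise ValueError("file entry size mismatch")
        kexts.append({"id": info.get("CFBundleIdentifier"),
                      "path": info.get(KEY_BUNDLE_PATH),
                      "executable": executable})
    if len(kexts) != numkexts:
        raise ValueError("numkexts in header does not match the plist")
    return {"predicate": request.get(KEY_PREDICATE),
            "arguments": request.get(KEY_ARGUMENTS, {}),
            "kexts": kexts}


def demo():
    # Constructed sample: a placeholder "executable" (64-bit Mach-O magic plus padding), not a real kext.
    info = {"CFBundleIdentifier": "com.example.demo", "CFBundleVersion": "1.0", "OSBundleRequired": "Root"}
    fake_macho = b"\xcf\xfa\xed\xfe" + b"\x00" * 28
    image = build_mkext2([(info, "/tmp/demo.kext", fake_macho)],
                         arguments={"CFBundleIdentifier": "com.example.demo"})  # argument key is an assumption
    return parse_mkext2(image)


if __name__ == "__main__":
    result = demo()
    print(result["predicate"], [k["id"] for k in result["kexts"]])
```

The parser refuses anything whose length or adler32 fields disagree with the bytes, so a blob carved from memory that was partially overwritten fails loudly rather than yielding a plausible-looking kext list; when triaging a suspected kext_request() load, the bundle identifiers and bundle paths recovered from _MKEXTInfoDictionaries are what you compare against the loaded-module list a tool like Volatility reports.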