macOS Research Outtakes - File Extensions

If you follow our research over on MDSec's blog, you will have seen a number of posts documenting macOS research we've recently completed. As red teamers, we have a wealth of information available to us when it comes to attacking Windows endpoints. Whether that be via an HTA, OLE, a macro Office document or even simply a binary hiding as a legitimate application, we are never short of options to gain access to a target's machine when phishing. The same unfortunately...

Endpoint Security Self-Protection on MacOS

In this post we will analyse BitDefender on MacOS, looking at some of the self-protection methods hooking MacOS. At the end of the post, we will have a bit of fun and show just how we can leverage this technology to hide our malware during an engagement...

Escaping the Sandbox – Microsoft Office on MacOS

You’ve completed your recon, and found that your target is using MacOS… what next? With the increased popularity of MacOS in the enterprise, we are often finding that having phishing payloads targeting only Microsoft Windows endpoints is not enough during a typical engagement. With this in mind, I wanted to find an effective method of landing a stager on a MacOS system during a phishing campaign. In this walkthrough, I will show one possible way we can go about gaining a foothold by leveraging...