BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!
Course Overview
OSMR Certification
macOS Control Bypasses (EXP-312) is an in-depth course that explores various macOS security mechanisms and techniques to circumvent them. Learners will delve into essential topics such as binary analysis, shellcode crafting, dylib injection, function hooking, and more. Through hands-on labs and real-world challenges, participants will gain practical experience in identifying and exploiting macOS vulnerabilities, enabling them to tackle complex macOS exploitation scenarios and advance their careers in the cybersecurity field. This course is suitable for penetration testers, exploit developers, security researcher, macOS defenders, and macOS application developers. At the completion of this course, participants will be able to:
- Develop a comprehensive understanding of macOS internals.
- Acquire techniques for circumventing security measures employed by macOS.
- Exploit logical vulnerabilities to execute privilege escalation on macOS systems.
Schedule
Currently, there are no public classes scheduled. Please contact a Phoenix TS Training Consultant to discuss hosting a private class at 301-258-8200.
Program Level
Advanced
Prerequisites
- C programming knowledge
- Normal user experience with macOS
- Basic familiarity with 64-bit assembly and debugging
- Understanding of basic exploitation concepts
Course Outline
macOS Control Bypasses: General Course Information
Virtual Machine Setup Guide
Introduction to macOS
macOS Binary Analysis Tools
The Art of Crafting Shellcodes
Dylib Injection
The Mach Microkernel
Functioning Hooking on macOS
XPC Attacks
The macOS Sandbox
Bypassing Transparency, Consent, and Control (Privacy)
Gatekeeper Internals
Bypassing Gatekeeper
Symlink and Hardlink Attacks
Getting Kernel Code Execution
Injecting Code into Electron Applications
Mount(ain) of Bugs (Archived)
The Art of Crafting Shellcodes (Apple Silicon Edition)
Mach IPC Exploitation
Chaining Exploits on macOS Ventura
macOS Penetration Testing
Exam Information
- The EXP-312 course and online lab prepares you for the OSMR certification
- 48-hour exam
- Proctored
BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!
Phoenix TS is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints re-garding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org
![[GSA LOGO]](http://13.64.56.230/wp-content/themes/phoenixts-com/assets/images/gsa-logo-black.png){kind=logo}
