Macs have become a popular target of cyber-criminals, and there are few effective defences against these pernicious threats - until now. The second volume of The Art of Mac Malware is the first book to cover state-of-the-art programming techniques and security tools for detecting and countering malicious code running on a macOS system. Author Patrick Wardle, a former NSA hacker and a leading authority on macOS threat analysis, shares real-world examples from his own research to reveal the many strategies used by actual malware specimens to evade detection. As you dive deep into the Mac operating system's internals, you'll learn about: Apple's public and private frameworks and APIs, How to build heuristic-based security tools for the macOS, Using the macOS Endpoint Security framework to develop real-time monitoring software , Objective-See's suite of anti-malware tools, including KnockKnock, BlockBlock, and OverSight. But this book is not just aimed at practitioners - for anyone interested in understanding the current threats facing the Apple ecosystem, it's a must-read.
Foreword
Acknowledgments
Introduction
Part I: Data Collection
Chapter 1. Examining Processes
Chapter 2. Parsing Binaries
Chapter 3. Code Signing
Chapter 4. Network State and Statistics
Chapter 5. Persistence
Part II: System Monitoring
Chapter 6. Log Monitoring
Chapter 7. Network Monitoring
Chapter 8. Endpoint Security
Chapter 9: Muting and Authorization Events
Part III: Tool Creation
Chapter 10: Persistence Enumerator
Chapter 11: Persistence Monitor
Chapter 12: Mic and Webcam Monitor
Chapter 13: DNS Monitor
Chapter 14. Case Studies
Index
Height:
Width:
Spine:
Weight:0.00