YoVDO

MacOS Dylib Injection through Mach-O Binary Manipulation

Offered By: Malware Unicorn via Independent

Tags

Malware Analysis Courses Cybersecurity Courses Go Courses Defensive Security Courses Offensive Security Courses Shellcode Courses

Course Description

Overview

This workshop is designed for those looking to develop offensive tooling or learning the technique for defense purposes. The content will cover developing stager code and shellcode for dynamic library injection in macOS environments (Mojave 10.14 & Catalina 10.15) with Golang compiled binaries. The topics covered will include compiling Go dylibs, parsing Mach-O headers, binary code caves, binary entrypoint redirection, typical assembly routines used in shellcode, and understanding the Mach-O load order.


Syllabus

Introduction
Background
Compiling a Go dylib with C-Shared Build Mode
Parsing the Mach-O Header
Entrypoint Redirection
Loading the Dylib in Memory
Appendix


Related Courses

Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy