MacOS Dylib Injection through Mach-O Binary Manipulation
Offered By: Malware Unicorn via Independent
Course Description
Overview
This workshop is designed for those looking to develop offensive tooling or learning the technique for defense purposes. The content will cover developing stager code and shellcode for dynamic library injection in macOS environments (Mojave 10.14 & Catalina 10.15) with Golang compiled binaries. The topics covered will include compiling Go dylibs, parsing Mach-O headers, binary code caves, binary entrypoint redirection, typical assembly routines used in shellcode, and understanding the Mach-O load order.
Syllabus
Introduction
Background
Compiling a Go dylib with C-Shared Build Mode
Parsing the Mach-O Header
Entrypoint Redirection
Loading the Dylib in Memory
Appendix
Related Courses
Разработка веб-сервисов на Go - основы языкаMoscow Institute of Physics and Technology via Coursera Getting Started with Go
University of California, Irvine via Coursera Concurrency in Go
University of California, Irvine via Coursera Functions, Methods, and Interfaces in Go
University of California, Irvine via Coursera Game Thinking: Juego y toma de decisiones
The Pontificia Universidad Javeriana via edX