Red Teaming macOS Environments with Hermes the Swift Messenger

Dive into the development of a new Swift implant called Hermes, designed for targeting macOS environments in red teaming operations. Explore the internals and capabilities of this implant, which integrates with Cody Thomas' Mythic framework for command and control. Learn about the implant's functionality and discover potential detection methods using Apple's Endpoint Security Framework (ESF). Gain valuable insights into advanced red teaming techniques for macOS systems in this 44-minute conference talk presented at Security BSides San Francisco 2022.

BSidesSF 2022 - Red Teaming macOS Environments with Hermes the Swift Messenger (Justin Bui)