YoVDO

Fire & Ice - Making and Breaking macOS Firewalls

Offered By: Black Hat via YouTube

Tags

Black Hat Courses macOS Security Courses

Course Description

Overview

Explore the intricacies of macOS firewall development and vulnerabilities in this 25-minute Black Hat conference talk. Dive into core concepts like kernel-level socket filtering, user-mode component communication, secure privileged code installation, and self-defense mechanisms implementation. Learn about firewall vulnerabilities, including generic bypasses, DNS abuse, browser exploitation, and kernel-based bypasses. Gain insights into creating effective macOS firewalls while understanding potential weaknesses and attack vectors. Presented by Patrick Wardle, this comprehensive talk covers topics from socket filter registration to finale, providing valuable knowledge for both security professionals and macOS enthusiasts.

Syllabus

Intro
Outline
The Goal
Registering a Socket Filter
Socket Filter Callbacks
Firewall Vulnerabilities
Generic Bypasses
Abusing DNS
Abusing Browsers
Kernel-based Bypasses
macos Firewalls
Finale


Taught by

Black Hat

Related Courses

Cybersecurity Roles, Processes & Operating System Security
IBM via Coursera
Operating Systems and Security
IBM via edX
The Complete Cyber Security Course : Hackers Exposed!
Udemy
IT Security Foundations: Operating System Security
LinkedIn Learning
The Faces of MacOS Malware - Detecting Anomalies in a Poisoned Apple
nullcon via YouTube