Summer of Fuzz - MacOS
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the intricacies of fuzzing applications on macOS in this Hack In The Box Security Conference talk. Delve into overlooked attack surfaces, including file parsers and network services, while learning techniques for fuzzing userland binaries. Discover a new fuzzer that simplifies setup and crash triage when testing Apple core apps and clients. Gain insights into overcoming security protections, finding effective tools, and making macOS fuzzing more accessible. Learn how to approach bug hunting on macOS with increased motivation and better equipment, covering topics such as debugging, SIP, app sandboxing, crash reporting, and targeting specific applications and servers.
Syllabus
Summer of Fuzz
Agenda
Intro
Debugging
SIP
App Sandbox
Crash Reporting
Sleep
SSH
Enumerating Network Services
Fuzzing
Targeting Applications
Font Book
smbutil
CUPS
Targeting Servers
ARDAgent
screensharingd
ODSAgent
BONUS
Conclusion
Taught by
Hack In The Box Security Conference
Related Courses
MongoDB for .NET DevelopersMongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera