Masochist Logo

Masochist

0
Free
Visit Website

Masochist is a framework for creating XNU based rootkits. Very useful in OS X and iOS security research. It can do cool things like: * Public symbol resolution * Process manipulation * System call hijacking Masochist is currently compatible with 64-bit OS X machines (I think). I've only tested this on 10.10. If anyone is brave enough to try it on their system, I would be very grateful. Usage: To use this code, please import these files into your kernel extension project in Xcode. Then, import the headers that you need to use. I recommend this repo as a starting point for your project. It has been configured and is ready to be built inside Xcode. API docs can be found on the Wiki page. Disclaimer: Please don't do anything stupid/illegal with this. This stuff can break your Mac. If you're unsure, run OS X in a VM.

FEATURES

ALTERNATIVES

A collection of resources for beginners to learn assembly language.

YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.

A deserialization payload generator for .NET formatters

A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.

A simple JWT token brute force cracker

Parse YARA rules into a dictionary representation.

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

A web-based manager for Yara rules, allowing for storage, editing, and management of Yara rules.

PINNED

ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
InfoSecHired Logo

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Resources
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Check Point CloudGuard WAF Logo

Check Point CloudGuard WAF

A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Cloud Security