Masochist is a framework for creating XNU based rootkits. Very useful in OS X and iOS security research. It can do cool things like:

* Public symbol resolution
* Process manipulation
* System call hijacking

Masochist is currently compatible with 64-bit OS X machines (I think). I've only tested this on 10.10. If anyone is brave enough to try it on their system, I would be very grateful.

Usage:

To use this code, please import these files into your kernel extension project in Xcode. Then, import the headers that you need to use. I recommend this repo as a starting point for your project. It has been configured and is ready to be built inside Xcode. API docs can be found on the Wiki page.

Disclaimer:

Please don't do anything stupid/illegal with this. This stuff can break your Mac. If you're unsure, run OS X in a VM.

SIMILAR TOOLS
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.
A sandbox for quickly sandboxing known or unknown families of Android malware.
A program to manage YARA rulesets in a database with support for different databases and configuration options.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.