Masochist

Free

Masochist is a framework for creating XNU based rootkits. Very useful in OS X and iOS security research. It can do cool things like:

* Public symbol resolution
* Process manipulation
* System call hijacking

Masochist is currently compatible with 64-bit OS X machines (I think). I've only tested this on 10.10. If anyone is brave enough to try it on their system, I would be very grateful.

Usage: To use this code, please import these files into your kernel extension project in Xcode. Then, import the headers that you need to use. I recommend this repo as a starting point for your project. It has been configured and is ready to be built inside Xcode. API docs can be found on the Wiki page.

Disclaimer: Please don't do anything stupid/illegal with this. This stuff can break your Mac. If you're unsure, run OS X in a VM.

ALTERNATIVES

YARA syntax highlighting for Gtk-based text editors

Debugger and .NET assembly editor with advanced debugging features.

A tool for malware analysts to search through base64-encoded samples and generate yara rules.

YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.

A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.

ICSREF is a modular framework for automated reverse engineering of industrial control systems binaries

A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.

A software reverse engineering framework with full-featured analysis tools and support for multiple platforms, instruction sets, and executable formats.