What Is The V8 Inspector? V8 is the JavaScript engine that ships as part of both Chromium (and derivatives) as well as Node (which is in turn included in Electron). V8 provides a debugging interfac...

What Are MDM Profiles? MDM profiles allow organizations to deploy common device configurations across MacOS and iOS devices. They can be deployed by hand, or via 3rd party MDM solutions such as Jam...

Foreward I thought it might be fun to poke at Homebrew and see what kind of things I could find. Welcome to the beginning of what I hope will be a small but fun series of posts on abusing HomeBrew...

Foreward Right on the tails of my last post that detailed a token theft attack on macOS, today I’m sharing yet another procedure for acquiring and abusing tokens found on a macOS system. Included...

Foreward While this is by no means new or groundbreaking information I’ve been meaning to document a process known to the forensic and law enforcement community and provided as part of point-and-cl...

Foreword macOS’s default Terminal.app is garbage, and everyone knows it; they also know iTerm is by and large the most popular terminal replacement for macOS. But did you know iTerm is also a fanta...

Foreword This is a fairly short post illustrating a technique for identifying a browser based on request headers. This technique is not reliant on any scripting support and sucessfully identifies b...

Foreword This short post documents a technique for authenticating as root on macOS and provides procedures for bypassing the default configuration of macOS which explicitly disables the root user. ...

Foreword I’ve had a PoC for this technique for a little while as part of research for a future talk on the subject of post-exploitation in MacOS, but as an article has surfaced detailing the adware...

Foreword Cultivating an online persona in the modern era of the internet can be difficult without giving up too much of your own personal information due to the rise of spammers leveraging bots to ...