kim4apple kim4apple
kim4apple
/ gist:34daa6a0a311e35a1ff3f609b2749bdb
Created
September 25, 2019 03:21
pfctl cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # basic pfctl control | |
| # == | |
| # Related: http://www.OpenBSD.org | |
| # Last update: Tue Dec 28, 2004 | |
| # == | |
| # Note: | |
| # this document is only provided as a basic overview | |
| # for some common pfctl commands and is by no means | |
| # a replacement for the pfctl and pf manual pages. |
kim4apple
/ SystemIdleTime.m
Created
March 25, 2020 14:36
— forked from darrarski/SystemIdleTime.m
Get Mac OS X system idle time in Swift or Objective-C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Created by Dariusz Rybicki on 17/04/16. | |
| // Copyright © 2016 Darrarski. All rights reserved. | |
| // | |
| #import <Foundation/Foundation.h> | |
| /** | |
| Returns number of seconds since system became idle | |
kim4apple
/ EndpointSecurityDemo.m
Created
July 9, 2020 03:09
— forked from Omar-Ikram/EndpointSecurityDemo.m
A demo of using Apple's new EndpointSecurity framework - tested on macOS Catalina 10.15 (19A583)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // main.m | |
| // EndpointSecurityDemo | |
| // | |
| // Created by Omar Ikram on 17/06/2019 - Catalina 10.15 Beta 1 (19A471t) | |
| // Updated by Omar Ikram on 15/08/2019 - Catalina 10.15 Beta 5 (19A526h) | |
| // Updated by Omar Ikram on 01/12/2019 - Catalina 10.15 (19A583) | |
| // | |
| #import <Foundation/Foundation.h> |
kim4apple
/ Revisiting Mac OS X Kernel Rootkits
Created
November 2, 2022 16:02
— forked from alexprivalov/Revisiting Mac OS X Kernel Rootkits
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Title : Revisiting Mac OS X Kernel Rootkits | |
| Author : fG! | |
| Date : April 18, 2014 | |
| |=----------------------------------------------------------------------------=| | |
| |=----------------=[ Revisiting Mac OS X Kernel Rootkits ]=-------------------=| | |
| |=----------------------------------------------------------------------------=| | |
| |=------------------------=[ fG! <[email protected]> ]=---------------------------=| | |
| |=----------------------------------------------------------------------------=| |
kim4apple
/ amfid_patch.py
Created
May 5, 2023 18:05
— forked from pvieito/amfid_patch.py
This script can patch macOS 10.12.2 amfid daemon on memory to allow arbitrary entitlements in Developer ID signed binaries.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| '''amfid_patch.py - Pedro José Pereira Vieito © 2016 | |
| This script can patch macOS 10.12.2 amfid daemon on memory | |
| to allow arbitrary entitlements in Developer ID signed binaries. | |
| Killing amfid will make the patch disapear: | |
| $ sudo kill -9 `pgrep amfid` | |
| You must run the script as a root (sudo) and with SIP disabled. | |
OlderNewer