EXP-312
source link: https://www.offensive-security.com/exp312-osmr/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
New subscription options! Learn more
macOS Control Bypasses
What do a macOS security researcher and an octopus have in common? They both need skills and intelligence to adapt to any situation, and make use of tools found natively in the environment to hunt their prey.
macOS Control Bypasses (EXP-312) is Offensive-Security’s first macOS security course. It’s an offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
EXP-312 is an intermediate course that teaches the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems.
Students who complete the course and pass the exam earn the Offensive Security macOS Researcher (OSMR) certification.
How to buy EXP-312
EXP-312 is available only through a Learn subscription
Learn One
$2499
- One course
- 365 days of lab access
- Two exam attempts
- Plus exclusive content
Learn unlimited
$5499
- All courses
- 365 days of lab access
- Unlimited exam attempts
- Plus exclusive content
Course Info
Benefits
- Obtain a strong understanding of macOS Internals
- Learn how to bypass security controls implemented by macOS
- Exploit logic vulnerabilities to perform privilege escalation on macOS systems
About the exam
- The EXP-312 course and online lab prepares you for
the OSMR certification - 48-hour exam
- Proctored
- Learn more about the exam
Who is the course for?
- Anyone who is interested in learning about macOS exploitation
- Pentesters looking to broaden their skill set to include macOS expertise
- Anyone committed to the defense or security of macOS systems
- Job roles like Penetration testers, Exploit developers, Security researcher, macOS defenders, and macOS application developers
Course prerequisites
All students are required to have:
- C programming knowledge
- Normal user experience with macOS
- Basic familiarity with 64-bit assembly and debugging
- Understanding of basic exploitation concepts
Course Details
Course Syllabus
View the full syllabus. Topics covered include:
- Introduction to macOS internals
- Debugging, Tracing Hopper
- Shellcoding in macOS
- Dylib Injection
- Mach and Mach injection
- Hooking
- XPC exploitation
- Sandbox escape
- Attacking privacy (TCC)
- Symlink attacks
- Kernel code execution
- macOS Pentesting
What competencies will you gain?
- Obtain a strong understanding of macOS internals
- Learn the basics of Mach messaging
- Learn how to bypass Transparency, Content and Control (TCC) protections
- Learn how to escape the Sandbox
- Perform symbolic link attacks
- Leverage process injection techniques
- Exploit XPC for privilege escalation
- Perform hooking based attacks
- Write Shellcode for macOS
- Bypass kernel code-signing protection
Supporting your Online Journey
- 7+ hours of video
- 450 pages of online content
- 4 lab machines
- Closed Captioning is available for this course
Note: a mac computer is not required.
Course Pricing
All prices in US dollars. Register for Learn One or contact our training consultants if you're purchasing Learn Unlimited.
Subscription
Learn One:
EXP-312 + 365 days lab access + PEN-100 + KLCP + 2 exam attempts + PG Practice
$2499
Learn Unlimited:
All courses + 365 days lab access + PEN-100 + KLCP + unlimited exam attempts + PG Practice
$5499
Are You Ready?
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK