Justin Bui (@slyd0g)'s Twitter Profile

I break computers and skateboards | red/blue/whatever let's make security better | Offensive Security @SnowflakeDB | Prev @Zoom @SpecterOps

ID: 520809476

Link: https://slyd0g.medium.com/ | Date: 10-03-2012 23:02:15

1.1K Tweets

4.4K Followers

347 Following

Graham Helton (@grahamhelton3)

I see we're doing the quarterly open source tools/research debate again. I'll just say this:

Phishing got much harder when Kuba Gretzky released evilginx
AD got more secure after SpecterOps released Certified Pre-Owned
AD got more secure when Tim Medin @timmedin.bsky.social 🇺🇦 showed us kerberoasting

Dylan Tran (@d_tranman)

Had a lot of fun digging into COM stuff with bohops recently! We ended up finding a way to laterally move without dropping a file. ibm.com/think/news/fil…

Justin Bui (@slyd0g)

My team is hiring a high-mid to senior engineer! You’ll be joining a brilliant team that delivers high-impact assessments with lots of visibility :) Please apply if interested and let me know if you have any questions! careers.snowflake.com/us/en/job/SNCO…

Graham Helton (@grahamhelton3)

Before moving from my role at Google to Snowflake I sat down and did a braindump of all the guidelines that I follow (or followed at one point and wanted to reintroduce). For those interested, here are the ~34 guidelines that made the cut

Justin Bui (@slyd0g)

figma.com/blog/rolling-o… This is so cool :) "Santa also supports file access authorization (FAA), restricting access to specific files and ensuring ... approved applications ... can interact with them. We’ve leveraged this to secure browser cookies on Figma laptops"

Justin Bui (@slyd0g)

Some Python code that leverages FFI to interface with macOS libraries to pull the unique hardware UUID. An alternative to the system_profiler binary that may be useful :) gist.github.com/slyd0g/fec25af…

Nick Frichette (@frichette_n)

ec2-instance-connect:SendSSHPublicKey might be one of my favorite API calls. Have privilege at the control plane and want to start popping boxes? I have a solution for you!

Jared Atkinson (@jaredcatkinson)

Data is gold and Snowflake is full of it. BloodHound now understands Snowflake’s access model. Map who can reach your critical data, and how they’d do it. Check it out: github.com/SpecterOps/Sno…

Patrick Wardle (@patrickwardle)

Just posted my DEF CON slides (talk #1): "Mastering Apple's Endpoint Security for Advanced macOS Malware Detection" Writing 🍎 security software? You should be using Endpoint Security! But its advanced features are rather nuanced & often misunderstood 🫣 speakerdeck.com/patrickwardle/…

Richie Cyrus (@rrcyrus)

This is an opportunity to join a great team with far-reaching impact across Apple! If you’ve been interested in or are currently writing detection as code at scale, please take a look. jobs.apple.com/en-il/details/…

Jonathan Bar Or (JBO) 🇮🇱🇺🇸🇺🇦🎗️ (@yo_yo_yo_jbo)

How do you read from the clipboard in macOS without anyone noticing? Just read from a UUID file under "~/Library/Group\ Containers/group.com.apple.coreservices.useractivityd/shared-pasteboard/" (requires the ability to read from Group Containers!, e.g. via Full Disk Access)

Valentino (@valent1nee)

I'm really excited to share my first research article related to hacking Google Gemini! buganizer.cc/hacking-gemini… #bugSWAT #GoogleVRP