Hello Friends, Been a While. Anyone have some guidance on macOS Malware Analysis?

hartescout · January 23, 2021, 6:54pm

So, basically the title of the post. Recently took on a full-time position on a threat research/hunt team and have become interested in filling a gap in macOS reverse engineering/Malware Analysis expertise. Zero2Auto and these forums and Discord are huge part in why I have this position so I thought I should ask the community.

Any guidance? Some initial searches have turned up some decent-looking information but I haven’t found any books specifically focused on the architecture and or OS.

Would be much appreciated!

alexa · January 24, 2021, 5:30am

idk man this is what i got, i hope you will find some help:

peta909 · January 26, 2021, 2:24am

hi there,
yup there isn’t as much info on mac malware stuff vs Windows or *nix. but the best you can turn to are the following:

https://objective-see.com/about.html

https://www.amazon.com/Jonathan-Levin/e/B008ZF7ZKK/ref=dp_byline_cont_book_1

always start with the basics learning the OSX file types and internals of OSX.

kris · February 7, 2021, 12:03am

I came across the MacOS Internals triology a few days ago, they aim to be the equivalent of Windows Internals books for MacOS. No idea how good they are though.