Note: Training is now sold out!
However, if you're still interested, email us (training@objective-see.com) to get on the waiting list.
The tools & techniques to comprehensively understand threats targeting macOS.
Objective-See
- Topics include:
  - Introduction to tools and techniques used to analyze (malicious) binaries.
  - Hands-on (static and dynamic) analysis of macOS malware, uncovering its infection vectors, persistence, and payloads.
  - Exploring Objective-See's open-source tools & libraries, to create custom analysis (and detection) capabilities.
- Date: March 11th, 2020
- Price: $999 USD
To sign up, email: training@objective-see.com
As macOS grows in popularity, so does the prevalence of malware targeting this platform. New to 2019: OSX.CookieMiner, OSX.Yort, OSX.Mokes.B and many more!
Ever wanted to learn exactly how to tear apart these malicious creations in order to reveal their inner workings? Here's your chance!
In this content-packed one-day course, Mac security expert Patrick Wardle will teach the tools and techniques needed to comprehensively analyze and understand malware targeting Apple's desktop OS.
...and yes, during the training you'll be able to try out the analysis concepts directly upon captured macOS malware!
Suggested Prerequisites
In order to get the most out of this training, attendees should have a basic understanding of the following:
- malware concepts
- reversing topics and tools
- programming topics (ideally some coding experience)
Training Outline:
- Part 0: Introduction
Covers basic macOS malware and security concepts (such as common infection vectors & persistence).
- Part 1: Static Malware Analysis
Starts by explaining how to statically triage a sample, for example via extracting embedded strings, code-signing information (and entitlements), and more. Binary disassembly will also be covered and explored, to illustrate how details of malware's inner workings may be uncovered.
- Part 2: Dynamic Malware Analysis
Covers dynamic analysis tools (such as Objective-See's FileMonitor and ProcessMonitor) to passively observe malware's actions. Various debugging concepts will also be taught, in order to analyze more complex malware samples.
- Part 3: Writing Security Tools
Leveraging Objective-See's open-source libraries (built atop Apple's new Endpoint Security Framework), build your own malware detection and analysis tools.
Required Setup:
- MacBook
- VMWare Fusion (with Catalina (10.15.*) VM)
- Xcode (with cmdline/developer tools)
- Disassembler (IDA, Hopper, Ghidra, etc.)
Patrick Wardle is the founder of the "Objective by the Sea" macOS security conference and Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.