🙅🏻‍♂️ The training is now sold-out.
If you are still interested in joining us please email us (, to join the in-person waiting list.

Training Overview:

We'll cover a myriad of topics, including:
  • Common infection vectors, persistence, and capabilities of macOS malware.

  • Introduction to tools and techniques used to classify and analyze (malicious) binaries.

  • Hands-on (static & dynamic) analysis of macOS malware uncovering its; infection vectors, persistence, & payloads.

  • Exploring programmatic methods and Objective-See's open-source tools & libraries, to create detection capabilities.
Price: €2,999

Date: Oct. 9th - 11th

Location: Don Pepe, Gran Meliá (the #OBTS conference venue).

Training Details:

As macOS grows in popularity, so does the prevalence of malware targeting this platform ...including those designed to run natively on Apple Silicon.

Ever wanted to learn exactly how to tear apart these malicious creations in order to reveal their inner workings? Or how to craft tools capable of programmatically detecting even new threats? Here's your chance!

In this content-packed three-day course, Mac security expert and author Patrick Wardle will teach the tools and techniques needed to comprehensively analyze and understand malware targeting Apple's desktop OS. Moreover, we'll discuss heuristic-based approaches to programmatically detect such threats.

...and yes, during the training you'll be able try out the analysis concepts, directly upon captured macOS malware! 🤗

Suggested Prerequisites

In order to get the most out of this training, attendees should have a basic understanding of the following:
  • Malware concepts
  • Reversing topics and tools
  • Programming topics (ideally some coding experience)
Training Outline:
  • Part 0: Introduction
    Covers basic macOS malware and security concepts (such as common infection vectors & persistence).

  • Part 1: Static Malware Analysis
    Starts by explaining how statically triage a sample, for example via extracting embedded strings, code-signing information (and entitlements), and more. Binary disassembly (both Intel and Arm) will also be covered and explored, to illustrate how details of malware's inner workings may be uncovered.

  • Part 2: Dynamic Malware Analysis
    Covers dynamic analysis tools (such as Objective-See FileMonitor and ProcessMonitor) to passively observe malware's action. Various debugging concepts will also be taught, in order to analyze more complex malware samples.

  • Part 3: Programamtically Detecting Malware
    Explores how to programmatically uncover infections by examining running processes, network connections, and more! You'll be able to leverage Objective-See's open-source libraries (built atop Apple new Endpoint Security Framework), tp build your own malware detection and analysis tools.

Required Setup:
  • MacBook
  • A virtualized instance of macOS
  • Xcode (with cmdline/developer tools)
  • Disassembler (IDA, Hopper, Ghidra, etc.)

Training Instructor:

Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the "The Art of Mac Malware" book series, and founder of the "Objective by the Sea" macOS Security conference.

Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.

Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing both books, and free open-source security tools to protect Mac users.

ℹ️   Cancellation Policy:
  • Cancellations up to a month before the training (Sept. 9thth 2023), will be 100% refunded (minus payment processing fees).

  • Cancellations less than a month before the training cannot be refunded.