Hunting for OS X Rootkits in Memory

  • Thursday, February 27, 2014 | 10:40 AM – 11:40 AM | West | Room: 3022

View all Sessions

The OS X Kernel has been increasingly targeted by malicious players due to the shrinking attack surface. This presentation will include demonstrations and discuss attacks, such as function inlining, shadow syscall tables and DTrace hooks and their detection in memory with the Volatility Framework.


This document was retrieved from on Fri, 27 Mar 2015 21:46:52 -0400.
© 2015 EMC Corporation. All rights reserved.