Hunting for OS X Rootkits in Memory

  • Thursday, February 27, 2014 | 10:40 AM – 11:40 AM | West | Room: 3022

View all Sessions

The OS X Kernel has been increasingly targeted by malicious players due to the shrinking attack surface. This presentation will include demonstrations and discuss attacks, such as function inlining, shadow syscall tables and DTrace hooks and their detection in memory with the Volatility Framework.


This document was retrieved from on Sat, 23 Feb 2019 06:38:26 -0500.