Hunting for OS X Rootkits in Memory

  • Thursday, February 27, 2014 | 10:40 AM – 11:40 AM | West | Room: 3022

View all Sessions

The OS X Kernel has been increasingly targeted by malicious players due to the shrinking attack surface. This presentation will include demonstrations and discuss attacks, such as function inlining, shadow syscall tables and DTrace hooks and their detection in memory with the Volatility Framework.


This document was retrieved from on Fri, 28 Apr 2017 19:32:56 -0400.
© 2017 EMC Corporation. All rights reserved.