Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

Advanced macOS Control Bypasses (EXP-312) is OffSec’s first foray into macOS security. It’s an offensive logical exploit development course on macOS, focusing on local privilege escalation and bypassing the operating system’s defenses. Earn your OffSec macOS Researcher (OSMR) certification.

• Obtain a strong understanding of macOS internals
• Learn the basics of Mach messaging
• Learn how to bypass Transparency, Content and Control (TCC) protections
• Learn how to escape the Sandbox
• Perform symbolic link attacks
• Leverage process injection techniques
• Exploit XPC for privilege escalation
• Perform hooking based attacks
• Write Shellcode for macOS
• Bypass kernel code-signing protection

This course covers the following topics:

• Introduction to macOS internals

• Debugging, Tracing Hopper

• Shellcoding in macOS

• Dylib Injection

• Mach and Mach injection

• Hooking

• XPC exploitation

• Sandbox escape

• Attacking privacy (TCC)

• Symlink attacks

• Kernel code execution

• macOS Pentesting

All learners are required to have: • C programming knowledge • Normal user experience with macOS • Basic familiarity with 64-bit assembly and debugging • Understanding of basic exploitation concepts

The EXP-312 course and online lab prepares you for the OSMR certification Duration: 48-hour exam Exam type: Proctored

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    Next Generation Mindfulness
    • Duration: 1 Days
    • Language: English
    • Level: Foundation
    • Exam: NGM
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Nutanix Multicloud Infrastructure Design (NMC...
    • Duration: 1 Days
    • Language: English
    • Level: Advanced
    • Exam: Nutanix Certifi
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    CertNexus: CyberSec First Responder (CFR)
    • Duration: 5 Days
    • Language: English
    • Level: Advanced
    • Exam: CFR-410
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details