The Art of Mac Malware Volume 2 cover

The Art of Mac Malware, Volume 2

by Patrick Wardle
Use coupon code PREORDER to get 25% off!

The Art of Mac Malware, Volume 2 is a comprehensive guide to the programmatic approaches you can use to detect and protect against macOS malware. 

You'll learn how to write code that gathers data from a macOS system such as running processes, loaded libraries, network connections, and much more, then tour the many techniques used by actual malware specimens to evade detection. Next, you'll programmatically observe the activity on a macOS system and learn how to determine whether any of the collected data indicates an infection by classifying it as benign, anomalous, or clearly suspicious. Finally, you'll put this information together to build your own security tools for macOS, ranging from simple process and network monitors to fully featured products capable of detecting and thwarting even the most sophisticated macOS threats. 

Author Bio 

Patrick Wardle is the creator of the Mac security website and tool suite Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.

Table of contents 

Part 1: Data Collection
Chapter 1. Examining Processes
Chapter 2. Parsing Mach-O Binaries
Chapter 3. Code Signing

Chapter 4. Networking Statistics
Chapter 5. Additional Data Sources
Part 2: System Monitoring
Chapter 6. Logging
Chapter 7. Network Monitoring
Chapter 8. Endpoint Security
Part 3: Tool Creation
Chapter 9. Task Manager
Chapter 10. Mic/Webcam Monitor
Chapter 11. Persistence Monitor
Chapter 12. Network Monitoring Tools
Chapter 13. File/Process Monitoring Tools
Chapter 14. Case Study

The chapters in red are included in this Early Access PDF.