The Art of Mac Malware Volume 2 cover

The Art of Mac Malware, Volume 2

by Patrick Wardle
Use coupon code PREORDER to get 25% off!

The Art of Mac Malware, Volume 2 is a comprehensive guide to the programmatic approaches you can use to detect and protect against macOS malware. 

You'll learn how to write code that gathers data from a macOS system such as running processes, loaded libraries, network connections, and much more, then tour the many techniques used by actual malware specimens to evade detection. Next, you'll programmatically observe the activity on a macOS system and learn how to determine whether any of the collected data indicates an infection by classifying it as benign, anomalous, or clearly suspicious. Finally, you'll put this information together to build your own security tools for macOS, ranging from simple process and network monitors to fully featured products capable of detecting and thwarting even the most sophisticated macOS threats. 

Author Bio 

Patrick Wardle is the creator of the Mac security website and tool suite Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.

Table of contents 

Part I: Data Collection
Chapter 1. Examining Processes
Chapter 2. Parsing Binaries
Chapter 3. Code Signing

Chapter 4. Network State and Statistics
Chapter 5. Persistence

Part II: System Monitoring
Chapter 6. Log Monitoring
Chapter 7. Network Monitoring
Chapter 8. Endpoint Security
Chapter 9: Muting and Authorization Events

Part III: Tool Creation
Chapter 10: Persistence Enumerator
Chapter 11: Persistence Monitor
Chapter 12: Mic Webcam Monitor
Chapter 13: DNS Monitor
Chapter 14. Case Studies

The chapters in red are included in this Early Access PDF.