Apple's Endpoint Security is a significant enhancement in MacOS 15, aimed at further enabling third party security software functionality, while at the same time keeping it out of the kernel. It's somewhat documented (in usr/include/EndpointSecurity/*.h headers), but, as usual, "it just works"™ - which might be good for them, but not for me. Since it demonstrates textbook principles from MOXiI 2 Volumes II and III, I figured it would make for a good extended hands-on example for readers - and anyone else interested in reverse engineering.

The heart of the EndpointSecurity architecture is the EndpointSecurity.kext, which provides the absolutely necessary kernel component of the framework. Looking at its property list, we

(~) % jlutil /System/Library/Extensions/EndpointSecurity.kext/Contents/ist
CFBundleIdentifier:
DTCompiler: .clang.1_0
NSHumanReadableCopyright: Copyright © 2018 Apple Inc.
IOUserClientClass: EndpointSecurityDriverClient