I was always amazed by @Hexacorn’s Beyond good ol’ Run key blog post series, which collects various persistence methods on Windows. It’s an awesome series, which has 133 parts at the time of this writing. I find them pretty cool, and if you are doing either offensive or defensive work on Windows, this is a must read and follow blog. In the past years as my interest in macOS grew, and now that I’m mostly doing only macOS related research and studies I started to came across many - many...| theevilbit blog
TL;DR Link to heading On macOS 10.15.2 Apple introduced the com.apple.private.security.clear-library-validation entitlement, which is slowly replacing the previously used com.apple.security.cs.disable-library-validation entitlement on system binaries. Although their impact is the about the same, the way they work is different. While library validation is automatically disabled using com.apple.security.cs.disable-library-validation, with com.apple.private.security.clear-library-validation, the...| theevilbit.github.io
Apple has given us notice of an upcoming codesigning requirement in their bundled apache webserver. I worked out how to make things work once it is in place.| Phusion Blog