๐Ÿ›ก๏ธ
./Malfav.asm
Linkedin
  • ๐Ÿ‘‹./Malfav.asm
    • ๐Ÿ•ธ๏ธMalfav Agenda
  • ๐Ÿ•ท๏ธMalware Introduction
    • ๐Ÿ’กWhat is Malware
      • ๐ŸŒ FIN Malware
      • ๐Ÿฆ˜Cyber Gang Malware
        • ๐Ÿ•ท๏ธSpiders Malware
      • ๐Ÿ•ต๏ธโ€โ™€๏ธCyber Espionage Malware
      • ๐Ÿ˜Cyber Sabotage Malware
      • ๐Ÿ›ดRootkit
        • ๐ŸซšBootkit
    • ๐ŸฆซNations State APT
      • ๐Ÿ—ฏ๏ธAPT
      • ๐Ÿ‡ฎ๐Ÿ‡ทIran APT
      • ๐Ÿ‡ท๐Ÿ‡บRussian APT
      • ๐Ÿ‡จ๐Ÿ‡ณChines APT
      • ๐Ÿ‡ฎ๐Ÿ‡ณIndia APT
      • ๐Ÿ‡ต๐Ÿ‡ฐPakistan APT
      • ๐Ÿ‡ป๐Ÿ‡ณVietnamese APT
      • ๐Ÿ‡ฐ๐Ÿ‡ตNorth Korean APT
    • ๐Ÿฅ‹Mobile Malware
      • ๐Ÿ“ฒAndroid Malware
        • ๐Ÿ’ฐCommerical Android Malware
          • Common Android Spyware
        • ๐ŸงงCommon Android Exploits
          • 0๏ธCommon Android 0day
      • ๐Ÿ“ฑIPHONE Malware
        • ๐ŸšCommon IPHONE Spyware
        • ๐Ÿ’ฅCommerical IPHONE Malware
        • ๐Ÿ’ฃCommon IPHONE Exploits
    • ๐Ÿ“ƒMalicious Documents
      • ๐Ÿ“จExcel Spreadsheets
      • ๐Ÿ—ผPowerPoint Presentations
      • ๐ŸคบMicrosoft Office Documents
      • ๐Ÿ“‘PDF
      • ๐Ÿ“„Other Document Formats
      • ๐ŸฉผCommon Techniques Used in Malicious Documents
    • ๐Ÿž๏ธAdvanced Persistence Threat - APT
      • ๐Ÿฅ APT Groups
        • ๐Ÿ‡จ๐Ÿ‡ณMustang Panda
        • ๐Ÿ›•Mustard Tempest
        • ๐Ÿ‡จ๐Ÿ‡ณNaikon
        • ๐ŸชกNEODYMIUM
        • ๐Ÿ‡ท๐Ÿ‡บNomadic Octopus
        • ๐Ÿ‡ฎ๐Ÿ‡ทOilRig
        • ๐ŸŠOrangeworm
        • ๐Ÿ‡ฎ๐Ÿ‡ณPatchwork
        • ๐Ÿ‡จ๐Ÿ‡ณPittyTiger
        • ๐ŸŒPLATINUM
        • ๐Ÿ‡ฑ๐Ÿ‡งPOLONIUM
        • ๐Ÿ‡ต๐Ÿ‡นPoseidon Group
        • ๐Ÿ‡น๐Ÿ‡ฒPROMETHIUM
        • ๐Ÿ‡จ๐Ÿ‡ณPutter Panda
        • ๐ŸฆRancor
        • ๐Ÿ‡จ๐Ÿ‡ณRocke
        • ๐ŸขRTM
        • ๐Ÿ‡ท๐Ÿ‡บSandworm Team
        • ๐ŸƒScarlet Mimic
        • ๐Ÿ‡ฌ๐Ÿ‡ฑScattered Spider
        • ๐Ÿ‡ต๐Ÿ‡ฐSideCopy
        • ๐Ÿ‡ฎ๐Ÿ‡ณSidewinder
        • ๐Ÿ”•Silence
        • ๐Ÿ‡ฎ๐Ÿ‡ทSilent Librarian
        • ๐Ÿ‡ณ๐Ÿ‡ฌSilverTerrier
        • ๐ŸžSowbug
        • ๐Ÿ”ฑStrider
        • ๐Ÿ‡จ๐Ÿ‡ณSuckfly
        • ๐ŸฅƒTA2541
        • ๐Ÿ‡จ๐Ÿ‡ณTA459
        • ๐Ÿ’ผTA505
        • ๐Ÿ’ฐTA551
        • โ˜๏ธTeamTNT
        • ๐Ÿ‡ท๐Ÿ‡บTEMP.Veles
        • ๐ŸฆณThe White Company
        • ๐Ÿ’ณThreat Group-1314
        • ๐Ÿซ“Threat Group-3390
        • ๐Ÿ‡จ๐Ÿ‡ณThreat Group-3390
        • ๐ŸฆThrip
        • ๐ŸˆToddyCat
        • ๐Ÿ™Tonto Team
        • ๐Ÿ‡ต๐Ÿ‡ฐTransparent Tribe
        • ๐Ÿ Tropic Trooper
        • ๐ŸขTurla
        • ๐Ÿ‡ฎ๐Ÿ‡ทUNC788
        • ๐Ÿ‡ฑ๐Ÿ‡งVolatile Cedar
        • ๐Ÿ‡จ๐Ÿ‡ณVolt Typhoon
        • ๐Ÿ•Š๏ธWhitefly
        • ๐Ÿ”˜Windigo
        • ๐ŸชฝWindshift
        • ๐Ÿ‡จ๐Ÿ‡ณWinnti Group
        • ๐Ÿฅ€WIRTE
        • ๐Ÿ‡ท๐Ÿ‡บWizard Spider
        • ๐ŸŽชZIRCONIUM
      • ๐ŸนAPT's Software
        • ๐Ÿ€3PARA RAT
        • ๐Ÿ€4H RAT
        • โšฑ๏ธAADInternals
        • ๐Ÿ”ปABK
        • โš—๏ธAbstractEmu
        • ๐ŸชฑACAD/Medre.A
        • ๐Ÿ‡ฒ๐Ÿ‡ฐAcidRain
        • ๐ŸฌAction RAT
  • ๐ŸOS Internal's
    • ๐ŸฉSuspicious API's
      • ๐ŸชจProcess Information API's
      • ๐ŸงฉRegistry API's
      • ๐Ÿ”’Encryption API's
      • ๐Ÿ“ฏRestore Point API's
      • ๐Ÿ‘พExfiltration API's
      • ๐Ÿฆ‰Data Wiping API's
      • ๐Ÿ“จShadow Copy API's
      • ๐ŸชผWhat is Malicious API's Functions
      • ๐ŸŒช๏ธSystem Information API's
      • ๐ŸŒ€Network Information API's
  • ๐ŸชŸWindows Internal
    • ๐Ÿ“กWindows Internal
      • ๐ŸฆWhy Windows Internal ?
        • ๐Ÿต๏ธProcess
        • ๐ŸงตThread
        • ๐ŸชญHandle
        • ๐ŸŒMemory
        • โ˜ข๏ธRam
        • ๐Ÿค–ROM
  • ๐Ÿ‘๏ธโ€๐Ÿ—จ๏ธMalware Technique
    • ๐Ÿ““Malware Technique
    • ๐Ÿ’ขObfuscation
      • ๐ŸฆพAnti-Debugging Techniques
      • ๐Ÿ—๏ธInstruction Substitution
      • ๐Ÿ“”Code Obfuscation
      • ๐Ÿ“ฆCode Packing
      • ๐Ÿ’ˆPolymorphism
      • ๐ŸŒฌ๏ธControl Flow Obfuscation
      • ๐Ÿช…Data Obfuscation
      • ๐Ÿ’…Metadata Obfuscation
      • ๐ŸŽฃMetamorphism
      • โ›ฒRuntime Obfuscation
    • ๐Ÿ›ŒPersistence Mechanism
      • ๐Ÿ”ฐRegistry Persistence Mechanism
      • ๐Ÿ—‘๏ธTask Sch Persistence Mechanism
      • ๐Ÿ“‚Startup Folder
      • ๐ŸŽ‹AppData Folder
      • ๐ŸชนTemp Folder
  • โš”๏ธMalware Resources
    • ๐Ÿ‘ปMalware Resources
    • ๐ŸŽ‡Malware Sample Resources
      • ๐ŸŒก๏ธVirusShare
      • โ™ ๏ธMalShare
      • ๐ŸšฅMalwareTraffic
      • ๐ŸšMalware Bazaar
  • Malware Analysis Toolkit
    • ๐ŸงŒWindows Malware Analysis Toolkit
      • ๐Ÿ’‰Common Online Malware Analysis Toolkit
        • ๐Ÿ’ŽJoe Sandbox
        • ๐ŸŽชVT - VirusTotal
        • ๐Ÿ‘ฝThreat.Zone
        • ๐ŸฆHybrid Analysis
        • ๐Ÿฆ„Any.run
        • ๐ŸฅซFilescan
      • ๐ŸฅStatic Analysis Tools
        • ๐ŸกAdvance Static Analysis Tool
      • ๐Ÿ’ Dynamic Analysis Tool
        • Advance Dynamic Analysis Tool
      • ๐ŸฅœNetwork Analysis Tool
      • ๐ŸฅŸString Dumpers Toolkit
        • ๐Ÿ“Strings
        • ๐ŸฆžFloss
    • ๐Ÿ“ฑAndroid Malware Analysis Toolkit
      • ๐Ÿ•น๏ธStatic Analysis Toolkit
      • ๐Ÿ’ Dynamic Analysis Toolkit
      • ๐Ÿซ’Online Analysis Toolkit
    • ๐Ÿ“ฑIPHONE Malware Analysis Toolkit
      • ๐ŸฅขStatic Analysis Toolkit
      • โ™ฆ๏ธDynamic Analysis Toolkit
    • ๐Ÿ’ปMAC OSX Malware Analysis Toolkit
      • ๐Ÿ“ฏStatic Analysis Toolkit
      • ๐ŸญDynamic Analysis Toolkit
      • ๐ŸŒฌ๏ธOnline Analysis Toolkit
  • Books and Guidelines
    • ๐Ÿ”‹Books and Guidelines for Malware Analysis .
      • ๐Ÿ‹๏ธโ€โ™€๏ธAndroid Malware Analysis 101
      • ๐Ÿฅ–Common Anti-Forensics
      • ๐ŸฆฃMemory Forensics GUI
      • ๐Ÿ“ผAssembly for Malware Analyst
      • ๐Ÿ’พDisk Image Forensics
      • โšกVolatility Noob to Pro
  • ๐Ÿ“‹Malware Analysis Tips
    • ๐Ÿ–‡๏ธMalware Analysis Tips
      • ๐ŸฎMemory Malware Analysis
      • ๐ŸœTechnique to Investigate Process
      • ๐Ÿ’ฅProcess Lists 1
      • ๐Ÿ’ฅProcess Lists 2
      • ๐Ÿ’ฅProcess Lists 3
  • ๐ŸงฝIncident Response
    • ๐ŸณWhat is Incident Response
      • Incident Response Tools
      • Incident Response Toolkit
  • Technical Analysis Report
    • ๐ŸฆŽTechnical Analysis Report
      • ๐ŸงฒStuxnet Memory Analysis
  • ๐ŸšจRootkit Removal
    • ๐Ÿค–Rootkit Removal
  • ๐Ÿ—œ๏ธAntivirus Artifact
    • ใ€ฝ๏ธAntivirus Artifact
      • ๐Ÿ€„Antivirus Process Name
  • ๐Ÿง Malware Author Mindset
    • ๐Ÿ’ฝMalware Author Mindset
      • ๐ŸซHow Malware Author Terminate Antivirus Process during runtime ?
Powered by GitBook
On this page
  1. Malware Analysis Toolkit
  2. MAC OSX Malware Analysis Toolkit

Static Analysis Toolkit

  • Otool: A command-line utility that allows you to inspect binary files. It provides information about Mach-O files, libraries, and symbols.

  • Strings: Extracts printable strings from binary files, which can be useful for identifying embedded text or clues about the malware's functionality.

  • Hopper Disassembler: A commercial disassembler and debugger for macOS. It helps you reverse-engineer and analyze binaries.

  • IDAPRO: A powerful disassembler and debugger that supports macOS binaries. Itโ€™s widely used in the security community for static analysis.

  • Cutter: An open-source GUI for Rizin (formerly known as Radare2) that supports macOS. It provides an interface for disassembly, debugging, and analysis.

  • Mach-O View: A macOS application for analyzing Mach-O files. It helps you view and understand the structure of these files.

  • Xcode: Apple's integrated development environment (IDE) includes tools for inspecting and analyzing macOS applications.

  • Clang Static Analyzer: A tool that can perform static analysis on C, C++, and Objective-C code, which can be useful if you have source code or are working with malware written in these languages.

  • YARA: While not strictly a static analysis tool, YARA can be used to write rules to identify and classify malware samples based on patterns in their code.

PreviousMAC OSX Malware Analysis ToolkitNextDynamic Analysis Toolkit

Last updated 10 months ago

๐Ÿ’ป
๐Ÿ“ฏ
Page cover image