These are the links/resources collected by one of my friends, Sandeep, for his research purposes and shared with me. Most of it is worth the read. Hope this helps someone somewhere gain some knowledge!
HTE -- File manipulator
http://hte.sourceforge.net/
Mach-O filetype and infection methods
http://felinemenace.org/~nemo/slides/mach-o_infection.ppt
Same idea, different author
http://vx.netlux.org/lib/vrg01.html
Method Swizzling (you can remap the function name pointer to binary code mapping on OS-X)
http://www.cocoadev.com/index.pl?MethodSwizzling
Class Posing!
http://www.cocoadev.com/index.pl?ClassPosing
http://www.stepwise.com/Articles/Technical/PosersAndCategories/index.html
OS-X Tools:
otool -- Object File Displaying Tool
http://developer.apple.com/mac/library/documentation/Darwin/Reference/ManPages/man1/otool.1.html
gdb -- GNU Debugger (part of GCC)
http://developer.apple.com/tools/gcc_overview.html
gas -- host spoofing manager
http://www.apple.com/downloads/macosx/development_tools/gasmask.html
libtool -- Create Libraries
http://developer.apple.com/mac/library/documentation/Darwin/Reference/ManPages/man1/libtool.1.html
file -- File Typer
http://linux.die.net/man/1/file
ktrace -- Kernel Trace Logging for a process (System Calls, Name Translations, Signal Processing, I/O)
dtrace -- Debugger/Tracer in 10.5+
http://www.mactech.com/articles/mactech/Vol.23/23.11/ExploringLeopardwithDTrace/index.html
http://www.macosxhints.com/article.php?story=20071031121823710
kdump -- Kernel Dump Reader
class-dump -- Examines Objective-C Runtime data for Mach-O files.
http://codethecode.com/projects/class-dump/
Summary of other useful tools:
http://osxbook.com/book/bonus/ancient/whatismacosx/tools.html
Other interesting links are most welcome. I can update the post if there are any interesting links.