Monthly archives: October, 2016

Using email for persistence on OS X

In this post we will cover how we can use Mail.app on OS X to persist.  I was inspired by similar tools which are designed to work with Microsoft Outlook.  I first stumbled upon this article from MWR InfoSecurity, and then this blog post from Silent Break Security.  While rules in Mail.app will not replicate…


Privilege escalation on OS X – without exploits

This blog post is about ways to escalate privilege on OS X without the usage of exploits.  While exploits are always nice to have, there are other ways in which you can gain root privileges on your target.  By using misconfigurations with a little bit of social engineering you can get your victim to escalate…