40 minutes - 10 macOS persistence techniques

This talk is a "Best of" my "Beyond the good ol' LaunchAgents" blogpost series. In this 40 minute long talk I will present my favorite 10 persistence methods I learned about or found myself in the past year. I will show some very unique, less known ideas, or some which are well known by sysadmins, but less used by the security community, red teams or malware. I will also share detection ideas for every technique, which is usually not covered in my blogposts.

Presented at Security Fest 2022.

Speaker: Csaba Fitzl

About Csaba Fitzl

Csaba Fitzl

Csaba graduated in 2006 as a computer engineer. He worked for 6 years as a network engineer, troubleshooting and designing big Cisco networks. After that he started to work as a blue teamer, focusing on network forensics, malware analysis and kernel exploitation. Currentl he works in a red team, where he spends most of his time simulating adversary techniques and doing pentents. He gave talks / workshops on various international IT security conferences, including Hacktivity, hack.lu, hek.si, SecurityFest, DEFCON and BSidesBUD. He currently holds OSWP / OSCP / OSCE / OSEE certifications. He is the author of the 'kex' kernel exploitation Python toolkit.

 
Get all relevant information and news regarding Security Fest, when we release recordings of talks, etc.