cuckoo-osx-analyzer

bootstrap_guest.sh => install an anti-anti-dtrace kernel module

Open rodionovd opened this issue 9 years ago • 0 comments

Checklist:

  • [ ] Make sure pt_deny_attach still works on modern OS X systems.

    See: http://www.blendedcocoa.com/blog/2013/02/16/failing-to-update-the-pt_deny_attach-kernel-module-for-mountain-lion/

  • [ ] If it doesn't: replace it with something like this: https://github.com/gdbinit/onyx-the-black-cat/blob/master/kext/antidebug.c#L72

    I'll also have to create a brand-new kernel module from this stuff (because onyx is the all-in-one solution we're now interested in right now).

rodionovd Jun 12 '15 07:06