Title: Reverse Engineering Mac Malware 5 - Process and Network Analysis
Post by: HCK on September 10, 2023, 04:05:20 pm
Process analysis and network analysis, two important ways of examining arbitrary code’s activity on Mac OS X, are the subjects Sarah Edwards covers here. For process analysis, the expert dwells on DTrace (including execsnoop and newproc.d), fs_usage, procxp and the Activity Monitor. For network analysis, popular tools like CocoaPacketAnalyzer, Wireshark, tcpdump and lsock are scrutinized and demonstrated via real-world examples.

Source: Reverse Engineering Mac Malware 5 - Process and Network Analysis (https://macsecurity.net/view/87-reverse-engineering-mac-malware-5-process-and-network-analysis)