OBTS v4.0: "Plug-n-Play: Using Native Code with Installer Plugins for Initial Access" - Chris ross
OBTS v4.0: "The Wild World of macOS Installers" - Tony Lambert
OBTS v4.0: "Kernel Exploitation on Apple's M1 chip" - 08tc3wbb
OBTS v4.0: "Becoming a Yogi on Mac ATT&CK with OceanLotus Postures" - Cat Self & Adam Pennington
OBTS v4.0: Made In America: Analyzing US Spy Agencies macOS Implants - Runa Sandvik & Patrick Wardle
OBTS v3.0: "Binary Emulation Environment for Mach-O Malware" - Erika Noerenberg
09 Importing JXA Modules into apfell agent and Jsimport
#OBTS v5.0: "In Walled Gardens be Careful of Poisoned Apples" - Matthias Frielingsdorf
#OBTS v5.0: "Sandboxing with ESF Playground on macOS" - Matt Carman
#OBTS v6.0: "Snapshot Fuzzing macOS Kernel Via Emulation" - Aleksander Nikolic
#OBTS v5.0: "Farming The Apple Orchards: Living off the Land Techniques" - Chris Ross & Cedric Owens
#OBTS v5.0: "Learning how to Machine Learn - Classifying MachO Malware" - Kimo Bumanglag
#OBTS v6.0: "Elevating Privileges on macOS by Audit Token Spoofing" - Thijs Alkemade
How to Install an OBD2 Device - Quick Installation
#OBTS v5.0: "ATT&CKing Pandas: Drawing out ATT&CK Techniques in the Wild" - Cat Self
#OBTS v6.0: "Dropping Lotus Bombs: ATT&CK in macOS Purple Team Operations" - Cat Self & Megan Carney
How To Use an OBD2 Scanner? - A Beginner's Guide
Reversing in action: New WildPressure targets macOS
How to Use an OBD-II Scanner
New Attack Surface in Safari: Using Just One Web Audio Vulnerability to Rule Safari