redpig/patient0 · GitHub: "What is [patient0]? [patient0] provides a foundation for exploring trust relationships between the user, running processes, and privileges on OS X using runtime code injection and function interposition. In particular, [patient0] is a tool for performing widespread process 'infection' by making key applications, like Dock and Finder, spread the custom code. [patient0] is built on [libpatient0]."
How do you know that only your own code is running inside your app? And will code signing checks be enough?
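One way to start answering the first question from inside your own process, as an added example (not code from this post or from the patient0 project): list the images dyld has loaded and flag any outside the locations you expect. The prefix allowlist and the `/Applications/MyApp.app/` path are assumptions for illustration, and the check only sees code loaded as a Mach-O image through dyld; code written directly into the process's memory does not appear in this list.

```c
#include <stdio.h>
#include <string.h>
#ifdef __APPLE__
#include <mach-o/dyld.h>   /* _dyld_image_count, _dyld_get_image_name */
#endif

/* Assumed allowlist: system locations plus this app's own bundle (hypothetical path). */
static const char *const TRUSTED_PREFIXES[] = {
    "/usr/lib/", "/System/Library/", "/Applications/MyApp.app/",
};

/* Returns 1 if path starts with an allowlisted prefix and has no "/../" component. */
int image_is_expected(const char *path) {
    if (path == NULL || strstr(path, "/../") != NULL) return 0;
    for (size_t i = 0; i < sizeof TRUSTED_PREFIXES / sizeof *TRUSTED_PREFIXES; i++) {
        size_t n = strlen(TRUSTED_PREFIXES[i]);
        if (strncmp(path, TRUSTED_PREFIXES[i], n) == 0) return 1;
    }
    return 0;
}

/* Counts entries in a list of image paths that are not expected, logging each one. */
int count_unexpected(const char *const *paths, size_t n) {
    int bad = 0;
    for (size_t i = 0; i < n; i++) {
        if (!image_is_expected(paths[i])) {
            fprintf(stderr, "unexpected image: %s\n", paths[i] ? paths[i] : "(null)");
            bad++;
        }
    }
    return bad;
}

int main(void) {
#ifdef __APPLE__
    /* Ask dyld which images are loaded in this process right now. */
    int bad = 0;
    for (uint32_t i = 0; i < _dyld_image_count(); i++) {
        const char *p = _dyld_get_image_name(i);
        bad += count_unexpected(&p, 1);
    }
#else
    /* Constructed sample list so the logic can be exercised off OS X. */
    const char *const sample[] = { "/usr/lib/libSystem.B.dylib", "/tmp/inject.dylib" };
    int bad = count_unexpected(sample, 2);
#endif
    printf("%d unexpected image(s)\n", bad);
    return bad ? 1 : 0;
}
```

The main executable is itself one of the reported images, so it is flagged unless the binary runs from the allowlisted bundle path.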
Labels: dylib injection, hacking osx, security