The code repository for the
Snake&Apple article series, which documents my research about macOS security.
I have been writing articles about Apple Security across different platforms for years, compiling them in this repository. Below is a brief explanation of the links you will find:
- I am currently writing on Patreon, where most articles are free to read—no account needed. The same goes for my pieces on the AFINE blog.
- In 2024, I wrote only on Medium. Those articles are paywalled, but thanks to Monethic's sponsorship, you can find direct links in this repository. No Medium account is required.
- If those links ever break, ping me on social media or Patreon for a fresh one. If you're feeling generous, the Patron subscription gets you PDF versions of all the Medium articles.
- I've also been working on some exclusive content for my Elite Patrons—my "thank-you" to the folks who support me. I'm still building that out, but you can read more about it here.
Each article directory contains three subdirectories:
mac- source code of macOS for references and copy of presentations.custom- code, for example, programs written for articles.python- contains the latest CrimsonUroboros and other Python scripts created during research.
The short introduction is written in Snake&Apple Intro
The tags for each article are in the Article_tags.md.
The table of contents showing links to all articles is below:
- ☑ App Bundle Extension
- ☑ I. Mach-O
- ☑ II. Code Signing
- ☑ III. Checksec
- ☑ IV. Dylibs
- ☑ V. Dyld
- ☑ DYLD — Do You Like Death? (I)
- ☑ DYLD — Do You Like Death? (II)
- ☑ DYLD — Do You Like Death? (III)
- ☑ DYLD — Do You Like Death? (IV)
- ☑ DYLD — Do You Like Death? (V)
- ☑ DYLD — Do You Like Death? (VI)
- ☑ DYLD — Do You Like Death? (VII)
- ☑ DYLD — Do You Like Death? (VIII)
- ☑ DYLD — Do You Like Death? (IX)
- ☑ DYLD — Do You Like Death? (X)
- ☑ DYLD — Do You Like Death? (XI)
- ☑ VI. AMFI
- ☑ VII. Antivirus
- ☑ VIII. Sandbox
- ☑ IX. TCC
- ☑ X. NU
The main tool created during the writing of the Snake & Apple series is called CrimsonUroboros. Its description along with instructions for other tools from this repository are in Tools.md.
In case of any questions or ideas for improvements, please open a new issue to discuss. For any changes related to the tools codebase:
- Fork the repository.
- Create a dedicated branch for your changes.
- Make your modifications or additions.
- Open a pull request describing your changes.
- I will review and merge if everything looks good.