Week 3 update
Week 3 down, and my brain is both fried and fired up! Taking both courses together has indeed proven useful (though I saw an increase in my coffee consumption!). Here’s what I’ve done so far:
EXP-312 Modules
- Module 1: macOS Control Bypasses: General Course Information
- Module 2: Virtual Machine Setup Guide
- Module 3: Introduction to macOS (Apple Silicon)
- Module 4: Objective-C Primer
- Module 5: macOS Binary Analysis Tools [currently doing]
8kSec
- Module 01: Course Preview
- Module 02: Welcome to the Course
- Module 03: Setting up the iOS Testing Environment
- Module 04: Intro to iOS Apps
- Module 05: Debugging iOS Apps
- Module 06: Introduction to iOS Reverse Engineering
Art of Mac Malware
- Chapter 1: Infection Vectors
- Chapter 2: Persistence
- Chapter 3: Capabilities
- Chapter 4: Nonbinary Analysis
- Chapter 5: Binary Triage
- Chapter 6: Analyzing Mach-O binaries [currently reading]
ARM Internals
- Chapter 1: ARM architecture basics (reference)
- Chapter 2: CPU and registers (reference)
The content has been amazing so far. But man, what is Objective-C!? I think someone asked “how can we make a crazy version of C?” and then went absolutely wild with brackets and @ symbols. It’s like they wanted to create something very complicated and boy did they nail it!
Right now I’m starting the dynamic analysis section in Module 5 of EXP-312, and THIS is where the real fun begins! Finally getting to see these binaries in action instead of just staring at them in a disassembler.
Now being really serious - reading ‘Art of Mac Malware’ gave me a breakthrough moment. The book mentioned that you don’t need to figure out and read every single line of assembly code when reverse engineering; your goal is “to understand its general logic and capabilities, not each and every assembly instruction.” While this was written for malware analysis, I believe the principle applies to exploitation too - focus on the most important functionalities. This was huge for me because I’ve always been intimidated by reverse engineering, thinking I’d need to understand every single line of assembly. Turns out, I don’t!
Sometimes the biggest breakthroughs aren’t technical - they’re mental. Stay curious, friends!