This paper explores the difficulties of, and possible solutions for, landing an initial access payload against macOS, likely delivered through phishing. Compared to crafting an initial access payload, or dropper, for Windows, there are a number of additional difficulties to consider. We'll take a look at each of the technical issues, and then craft a reasonable pretext and payload targeting the latest macOS running on M1 silicon.

Coming soon...

twitter: Kirk Trychel (@Teach2Breach)