Blog

How to systematically extract struct field offsets from Apple's stripped XNU kernelcache using static analysis alone.

A hands-on exploration of Pointer Authentication Codes (PAC) on iOS. We'll understand how PAC works at a deep level, explore how PAC signing can be triggered programmatically.

How does Predator spyware transform from running code into active surveillance? This technical deep-dive reverse-engineers the internal factory architecture that dynamically creates camera monitoring, VoIP interception, and keylogging modules through Unix socket commands revealing the infrastructure between exploitation and surveillance

A complete walkthrough of the 8ksec "FridaInTheMiddle" challenge: bypassing Frida detection, hooking Swift functions, and intercepting arguments on a jailbroken iPhone.

How to find pre defined macros in macOS system sandbox profiles?

How to extract the content of a malicious macOS pkg installer and reverse engineer it?

This tutorial is designed for developers and security enthusiasts who want to approach LLDB, through a practical exercise.