Tony Gorez
@tony-go.bsky.social
systems engineer @ holepunch ~ macOS internals/security
Pinned
Tony Gorez
@tony-go.bsky.social
· Nov 10
https://tonygo.tech/2024/anti-debu…
After my previous post, I recieved a few comments about ptrace!
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
I was looking for some faces that I found back here :)
September 5, 2025 at 8:13 PM
I was looking for some faces that I found back here :)
i like to enrich the lib as much as read new stuff in J Levin's book
test(lib/cli): dsym filetype by tony-go · Pull Request #29 · tony-go/macho_re
macho_re is a lightweight command-line tool for parsing and analyzing Mach-O binary files on macOS. - test(lib/cli): dsym filetype by tony-go · Pull Request #29 · tony-go/macho_re
buff.ly
December 21, 2024 at 11:33 AM
i like to enrich the lib as much as read new stuff in J Levin's book
Hey Apple/macOS/iOS Security Specialists! 👋
I'm looking to connect and have a chat with some of you.
Is anyone interested?
I'm looking to connect and have a chat with some of you.
Is anyone interested?
December 9, 2024 at 9:48 AM
Hey Apple/macOS/iOS Security Specialists! 👋
I'm looking to connect and have a chat with some of you.
Is anyone interested?
I'm looking to connect and have a chat with some of you.
Is anyone interested?
Reposted by Tony Gorez
Slides for my @cityjsconf.bsky.social Athens talk today: addaleax.net/cityjs-athen...
addaleax.net
November 29, 2024 at 3:00 PM
Slides for my @cityjsconf.bsky.social Athens talk today: addaleax.net/cityjs-athen...
stick this morning, but I still managed to tweak this: https://buff.ly/49crdaS
November 29, 2024 at 11:56 AM
stick this morning, but I still managed to tweak this: https://buff.ly/49crdaS
Reposted by Tony Gorez
Reposted by Tony Gorez
I'm sure you're already aware of this resource, but in case others aren't, Marco Ivaldi released some nice weggli rules and wrote a blog showing some vulnerabilities he found with them.
github.com/0xdea/weggli...
security.humanativaspa.it/a-collection...
github.com/0xdea/weggli...
security.humanativaspa.it/a-collection...
A collection of weggli patterns for C/C++ vulnerability research - hn security
“No one cares about the old […]
security.humanativaspa.it
November 13, 2024 at 5:18 AM
I'm sure you're already aware of this resource, but in case others aren't, Marco Ivaldi released some nice weggli rules and wrote a blog showing some vulnerabilities he found with them.
github.com/0xdea/weggli...
security.humanativaspa.it/a-collection...
github.com/0xdea/weggli...
security.humanativaspa.it/a-collection...
Yes! I spot a lot of stuff like that.
When opening a Pull Request, I'm the first one to review it. Whenever I push, I spot bugs I added and overlooked before pushing. *Every single time*. Do you review your own PR?
November 12, 2024 at 7:27 PM
Yes! I spot a lot of stuff like that.
This is the first time since I started software engineering that I am really confused about the path I should follow.
I started doing React, then Node, then I dived into systems programming doing Rust, C++.
🧵
I started doing React, then Node, then I dived into systems programming doing Rust, C++.
🧵
November 11, 2024 at 4:49 PM
This is the first time since I started software engineering that I am really confused about the path I should follow.
I started doing React, then Node, then I dived into systems programming doing Rust, C++.
🧵
I started doing React, then Node, then I dived into systems programming doing Rust, C++.
🧵
After my previous post, I recieved a few comments about ptrace!
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
https://tonygo.tech/2024/anti-debu…
November 10, 2024 at 8:21 AM
After my previous post, I recieved a few comments about ptrace!
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
I was curious and decided to explore this new track.
In the post:
➡️ I used ptrace to prevent debugger attaching my program
➡️ I dived into xnu sources to reverse-engineer ptrace
⬇️⬇️⬇️⬇️
tonygo.tech/2024/anti-de...
#macos #reverse
Reposted by Tony Gorez
This awesome fuzzing blog post by @r00tkitsmm.bsky.social covers a super reliable macOS kernel binary rewriting to instrument any KEXT or XNU at BB or edge level. Mandatory reading for anyone interested in fuzzing whether you use MacOS or not. So many good system internals and fuzzing references!
Pishi: Coverage guided macOS KEXT fuzzing.
This blog post is the result of some weekend research, where I delved into Pishi, a static macOS kernel binary rewriting tool. During the weekdays, I focus on Linux kernel security at my job and would...
r00tkitsmm.github.io
November 10, 2024 at 2:21 AM
This awesome fuzzing blog post by @r00tkitsmm.bsky.social covers a super reliable macOS kernel binary rewriting to instrument any KEXT or XNU at BB or edge level. Mandatory reading for anyone interested in fuzzing whether you use MacOS or not. So many good system internals and fuzzing references!
Reposted by Tony Gorez
November 9, 2024 at 6:06 PM
having a C++ unified API, wrapping platform specific abstracts is one of the most challenging job I had to do!
November 9, 2024 at 9:12 AM
having a C++ unified API, wrapping platform specific abstracts is one of the most challenging job I had to do!