SlideShare a Scribd company logo

Abusing & Securing XPC in macOS apps

SecuRing
SecuRing

XPC is a well-known interprocess communication mechanism used on Apple devices. Abusing XPC led to many severe bugs, including those used in jailbreaks. While the XPC bugs in Apple's components are harder and harder to exploit, did we look at non-Apple apps on macOS? As it turns out, vulnerable apps are everywhere - Anti Viruses, Messengers, Privacy tools, Firewalls, and more. This presentation: 1.Explain how XPC/NSXPC work 2.Present you some of my findings in popular macOS apps (e.g. local privilege escalation to r00t) 3.Abuse an interesting feature on Catalina allowing to inject an unsigned dylib 4.Show you how to fix that vulnz finally!

Software
1 of 50
Download to read offline
www.securing.biz Wojciech Reguła Abusing & Securing XPC in macOS apps XPC
www.securing.bizwww.securing.biz WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on iOS apps security -Blogger https://wojciechregula.blog/ -iOS Security Suite creator @_r3ggi wojciech.regula@securing.pl
www.securing.bizwww.securing.biz XPC VULNERABILITIES ARE EVERYWHERE
www.securing.bizwww.securing.biz AGENDA 1. Introduction to XPC 2. Building secure Helper 3. Exploiting previous step 4. Hardening 5. IF bypass_available() { GOTO 2. } 6. Summary
www.securing.bizwww.securing.biz (NS)XPC - Fundamental IPC mechanism in Apple environment - Built on top of Mach messages - Dictionary based communication - Possible multiple clients and one server - You can send and serialize ObjC/Swift objects
www.securing.bizwww.securing.biz Server
www.securing.bizwww.securing.biz Client
www.securing.bizwww.securing.biz INTER-PROCESS COMMUNICATION Application Privileged XPC server
www.securing.bizwww.securing.biz uid=501 (user) uid=0 (root)
www.securing.bizwww.securing.biz LOCATIONS OF THE XPC SERVERS - /Library/PrivilegedHelperTools - /Library/LaunchDaemons - /Library/LaunchAgents
www.securing.bizwww.securing.biz TIME FOR EXPLOITATION
www.securing.bizwww.securing.biz BUG #1 – NO CLIENT VALIDATION
www.securing.bizwww.securing.biz Malicious Application uid= 501 (user) Privileged XPC server uid = 0 (root) 😈 Perform privileged action for me OK, I don’t even verify you
www.securing.bizwww.securing.biz BUG #1 – NO CLIENT VALIDATION Bug found by Adam Chester (@_xpn_) Methods exposed: - remove - move - createDirectory - addToPath - kextInstall Keybase.io
www.securing.bizwww.securing.biz BUG #1 – NO CLIENT VALIDATION
www.securing.bizwww.securing.biz BUG #1 – FIX
www.securing.bizwww.securing.biz BUG #2 – POOR SIGNATURE CHECK
www.securing.bizwww.securing.biz BUG #2 – POOR SIGNATURE CHECK - Checking only bundle ID - Verifying only static code - Using kSecCSBasicValidateOnly flag - Too loose SecRequirement string - and more…
www.securing.bizwww.securing.biz
www.securing.bizwww.securing.biz Exposed methods: - uninstallDaemon - terminateDaemonWithOptions - deleteQuarantineItemsWithInfo - quarantineItemsWithInfo - cancelScan - startScanWithPaths - getDaemonInfoWithOptions
www.securing.bizwww.securing.biz BUG #2 – FIX
www.securing.bizwww.securing.biz BUG #3 – USING PID TO GET CODE OBJECT Kudos for Samuel Groß (@5aelo) and Ian Beer (@I41nbeer) 👏
www.securing.bizwww.securing.biz pid: 1337 😈 Perform privileged action
www.securing.bizwww.securing.biz pid: 1337 😈 1. Get process identifier of the client 2. Create code object basing on that PID 3. Perform signature check 4. isValid() -> false 5. Invalidating the XPC connection INVALIDATED
www.securing.bizwww.securing.biz pid: 1337 😈 😈 fork() fork() fork() fork() pid: 1338 pid: 1339 pid: 1340 pid: 1341 😈 😈 😈
www.securing.bizwww.securing.biz pid: 1337 😈 😈 fork() fork() fork() fork() pid: 1338 pid: 1339 pid: 1340 pid: 1341 Perform privileged action 😈 😈 😈 Perform privileged action Perform privileged action Perform privileged action
www.securing.bizwww.securing.biz 1. Get process identifier of the client 2. Create code object based on that PID 😇 3. Perform signature check 4. isValid() -> true 5. Establish valid connection connection1 connection2 connection3 connection4 XPC connections queue
www.securing.bizwww.securing.biz Change process’ image to the legit executable using posix_spawn() 😈 😇
www.securing.bizwww.securing.biz pid: 1337 😈 😈 fork() fork() fork() fork() pid: 1338 pid: 1339 pid: 1340 pid: 1341 😈 😈 😈 Perform privileged action 😇 INVALIDATED INVALIDATED INVALIDATED
www.securing.bizwww.securing.biz Exposed methods: - removeWithFile - copyWithSource Avast Cleanup
www.securing.bizwww.securing.biz Exposed methods: - startDatabaseUpdate - restoreApplicationLauncherWithCompletion - uninstallProduct - installProductUpdate - startProductUpdateWith - buildPurchaseSiteURLWithCompletion - triggerLicenseRelatedChecks - buildRenewalLinkWith - cancelTrialWith - startTrialWith - applyLicenseWith - controlProtectionWithRawFeatures - confirmScanJobWith - resumeScanJob - pauseScanJob - stopScanJob - startScanJob - disposeOperationBy - pingWithTag Malwarebytes
www.securing.bizwww.securing.biz
www.securing.bizwww.securing.biz BUG #3 – FIX
www.securing.bizwww.securing.biz BUG #3 – FIX
www.securing.bizwww.securing.biz BUG #4 – NO CODE INJECTION PREVENTION
www.securing.bizwww.securing.biz BUG #4 – NO CODE INJECTION PREVENTION 1. Get audit token of the client 2. Create code object based on that token 3. Perform signature check 4. isValid() -> false 5. Invalidating the XPC connection
www.securing.bizwww.securing.biz BUG #4 – NO CODE INJECTION PREVENTION - Apple’s signature checking API doesn’t detect: • code injected with DYLD_INSERT_LIBRARIES • or via task_for_pid() neither…
www.securing.bizwww.securing.biz LuLu Exposed methods: - loadKext - getPreferences - updatePreferences - getRules - addRule - updateRule - deleteRule - importRules - alertReply
www.securing.bizwww.securing.biz
www.securing.bizwww.securing.biz
www.securing.bizwww.securing.biz
www.securing.bizwww.securing.biz BYPASSING APPS WITH HARDENED RUNTIME - SecRequirement(Certificate[teamID]) -> inject to another app from the same company - SecRequirement(Certificate[teamID] + bundleID) -> inject to older version of the app without hardened runtime 😉 - Also, look for following problematic entitlements: - com.apple.security.get-task-allow - com.apple.security.disable-library-validation
www.securing.bizwww.securing.biz DEMO 🎦 HTTPS://VIMEO.COM/397568495
www.securing.bizwww.securing.biz BUG #4 – FIX …
www.securing.bizwww.securing.biz SUMMARY
www.securing.bizwww.securing.biz SECURING XPC SERVICES - GUIDELINE 1. [Client] Turn on hardened runtime and notarize your clients 2. [Server] Verify if the clients have been properly signed using restrictive SecRequirement string 3. [Server] Create Sec(Static)Code objects from audit tokens 4. [Server] Check if the clients have the hardened runtime capability turned on 5. [Server] Make sure if the clients are not signed with entitlements that may allow bypassing the hardened runtime @_r3ggi wojciech.regula@securing.pl
www.securing.bizwww.securing.biz OPEN SOURCING SECURE PRIVILEGED HELPER EXAMPLE @_r3ggi wojciech.regula@securing.pl https://github.com/securing
www.securing.bizwww.securing.biz OPEN SOURCING THE SECURE HELPER
www.securing.bizwww.securing.biz REFERENCES - https://hackerone.com/reports/397478 - https://bugs.chromium.org/p/project-zero/issues/detail?id=1223 - https://saelo.github.io/presentations/warcon18_dont_trust_the_pid.pdf - https://blog.obdev.at/what-we-have-learned-from-a-vulnerability/ - https://developer.apple.com/documentation/xcode/notarizing_macos_soft ware_before_distribution - https://github.com/erikberglund/SwiftPrivilegedHelper - https://developer.apple.com/videos/play/wwdc2019/701/
www.securing.biz SecuRing Kalwaryjska 65/6 30-504 Kraków, Poland info@securing.pl tel. +48 124252575 http://www.securing.biz/ Contact Wojciech Reguła wojciech.regula@securing.pl @_r3ggi wojciech-regula

Recommended

Same Origin Method Execution (BlackHat EU2014)
Same Origin Method Execution (BlackHat EU2014)Same Origin Method Execution (BlackHat EU2014)
Same Origin Method Execution (BlackHat EU2014)Ben Hayak
 
Gareth hayes. non alphanumeric javascript-php and shared fuzzing
Gareth hayes. non alphanumeric javascript-php and shared fuzzingGareth hayes. non alphanumeric javascript-php and shared fuzzing
Gareth hayes. non alphanumeric javascript-php and shared fuzzingYury Chemerkin
 
Ceh v5 module 15 hacking wireless networks
Ceh v5 module 15 hacking wireless networksCeh v5 module 15 hacking wireless networks
Ceh v5 module 15 hacking wireless networksVi Tính Hoàng Nam
 
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
Zap vs burp
Zap vs burpZap vs burp
Zap vs burpTomasz Fajks
 
Dynamic Linker
Dynamic LinkerDynamic Linker
Dynamic LinkerSanjiv Malik
 
HTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsHTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsneexemil
 

Recommended

Same Origin Method Execution (BlackHat EU2014)
Same Origin Method Execution (BlackHat EU2014)Same Origin Method Execution (BlackHat EU2014)
Same Origin Method Execution (BlackHat EU2014)Ben Hayak
 
Gareth hayes. non alphanumeric javascript-php and shared fuzzing
Gareth hayes. non alphanumeric javascript-php and shared fuzzingGareth hayes. non alphanumeric javascript-php and shared fuzzing
Gareth hayes. non alphanumeric javascript-php and shared fuzzingYury Chemerkin
 
Ceh v5 module 15 hacking wireless networks
Ceh v5 module 15 hacking wireless networksCeh v5 module 15 hacking wireless networks
Ceh v5 module 15 hacking wireless networksVi Tính Hoàng Nam
 
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
 
Super Easy Memory Forensics
Super Easy Memory ForensicsSuper Easy Memory Forensics
Super Easy Memory ForensicsIIJ
 
Zap vs burp
Zap vs burpZap vs burp
Zap vs burpTomasz Fajks
 
Dynamic Linker
Dynamic LinkerDynamic Linker
Dynamic LinkerSanjiv Malik
 
HTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsHTTP Request Smuggling via higher HTTP versions
HTTP Request Smuggling via higher HTTP versionsneexemil
 
(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory PwnagePetros Koutroumpis
 
Security Testing with Zap
Security Testing with ZapSecurity Testing with Zap
Security Testing with ZapSoluto
 
OWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling PicklesOWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling PicklesChristopher Frohoff
 
Android Hacking
Android HackingAndroid Hacking
Android Hackingantitree
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouDouglas Bienstock
 
aclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHoundaclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHoundDirkjanMollema
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemRoss Wolf
 
A Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakA Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakSoroush Dalili
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourWAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
 
Offzone | Another waf bypass
Offzone | Another waf bypassOffzone | Another waf bypass
Offzone | Another waf bypassДмитрий Бумов
 
eBPF in the view of a storage developer
eBPF in the view of a storage developereBPF in the view of a storage developer
eBPF in the view of a storage developerRichárd Kovács
 
Web Cache Deception Attack
Web Cache Deception AttackWeb Cache Deception Attack
Web Cache Deception AttackOmer Gil
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbolapidays
 
Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...Codemotion
 
Introduction to Windows Dictionary Attacks
Introduction to Windows Dictionary AttacksIntroduction to Windows Dictionary Attacks
Introduction to Windows Dictionary AttacksScott Sutherland
 
Command injection
Command injectionCommand injection
Command injectionpenetration Tester
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsMikhail Egorov
 
File upload vulnerabilities & mitigation
File upload vulnerabilities & mitigationFile upload vulnerabilities & mitigation
File upload vulnerabilities & mitigationOnwukike Chinedu. CISA, CEH, COBIT5 LI, CCNP
 
Building & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsBuilding & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsSecuRing
 
Building&Hacking modern iOS apps
Building&Hacking modern iOS appsBuilding&Hacking modern iOS apps
Building&Hacking modern iOS appsSecuRing
 

More Related Content

What's hot

(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory PwnagePetros Koutroumpis
 
Security Testing with Zap
Security Testing with ZapSecurity Testing with Zap
Security Testing with ZapSoluto
 
OWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling PicklesOWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling PicklesChristopher Frohoff
 
Android Hacking
Android HackingAndroid Hacking
Android Hackingantitree
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing TechniquesAvinash Thapa
 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouDouglas Bienstock
 
aclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHoundaclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHoundDirkjanMollema
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemRoss Wolf
 
A Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakA Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakSoroush Dalili
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourWAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourSoroush Dalili
 
eBPF in the view of a storage developer
eBPF in the view of a storage developereBPF in the view of a storage developer
eBPF in the view of a storage developerRichárd Kovács
 
Web Cache Deception Attack
Web Cache Deception AttackWeb Cache Deception Attack
Web Cache Deception AttackOmer Gil
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbolapidays
 
Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...Codemotion
 
Introduction to Windows Dictionary Attacks
Introduction to Windows Dictionary AttacksIntroduction to Windows Dictionary Attacks
Introduction to Windows Dictionary AttacksScott Sutherland
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsMikhail Egorov
 

What's hot (20)

(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage(Ab)Using GPOs for Active Directory Pwnage
(Ab)Using GPOs for Active Directory Pwnage
 
Security Testing with Zap
Security Testing with ZapSecurity Testing with Zap
Security Testing with Zap
 
OWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling PicklesOWASP AppSecCali 2015 - Marshalling Pickles
OWASP AppSecCali 2015 - Marshalling Pickles
 
Android Hacking
Android HackingAndroid Hacking
Android Hacking
 
Waf bypassing Techniques
Waf bypassing TechniquesWaf bypassing Techniques
Waf bypassing Techniques
 
Troopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can YouTroopers 19 - I am AD FS and So Can You
Troopers 19 - I am AD FS and So Can You
 
aclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHoundaclpwn - Active Directory ACL exploitation with BloodHound
aclpwn - Active Directory ACL exploitation with BloodHound
 
Fantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find ThemFantastic Red Team Attacks and How to Find Them
Fantastic Red Team Attacks and How to Find Them
 
A Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility CloakA Forgotten HTTP Invisibility Cloak
A Forgotten HTTP Invisibility Cloak
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ BehaviourWAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
 
Offzone | Another waf bypass
Offzone | Another waf bypassOffzone | Another waf bypass
Offzone | Another waf bypass
 
eBPF in the view of a storage developer
eBPF in the view of a storage developereBPF in the view of a storage developer
eBPF in the view of a storage developer
 
Web Cache Deception Attack
Web Cache Deception AttackWeb Cache Deception Attack
Web Cache Deception Attack
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferay
 
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle BotbolAPIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
APIsecure 2023 - Android Applications and API Hacking, Gabrielle Botbol
 
Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...Secure Coding principles by example: Build Security In from the start - Carlo...
Secure Coding principles by example: Build Security In from the start - Carlo...
 
Introduction to Windows Dictionary Attacks
Introduction to Windows Dictionary AttacksIntroduction to Windows Dictionary Attacks
Introduction to Windows Dictionary Attacks
 
Command injection
Command injectionCommand injection
Command injection
 
Hunting for security bugs in AEM webapps
Hunting for security bugs in AEM webappsHunting for security bugs in AEM webapps
Hunting for security bugs in AEM webapps
 
File upload vulnerabilities & mitigation
File upload vulnerabilities & mitigationFile upload vulnerabilities & mitigation
File upload vulnerabilities & mitigation
 

Similar to Abusing & Securing XPC in macOS apps

Building & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsBuilding & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsSecuRing
 
Building&Hacking modern iOS apps
Building&Hacking modern iOS appsBuilding&Hacking modern iOS apps
Building&Hacking modern iOS appsSecuRing
 
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke ItDEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke ItSynack
 
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web InterfacesThey Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfacesmichelemanzotti
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
CI / CD / CS - Continuous Security in Kubernetes
CI / CD / CS - Continuous Security in KubernetesCI / CD / CS - Continuous Security in Kubernetes
CI / CD / CS - Continuous Security in KubernetesSysdig
 
Embedded systems
Embedded systems Embedded systems
Embedded systems Katy Anton
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Cisco Malware: A new risk to consider in perimeter security designs
Cisco Malware: A new risk to consider in perimeter security designsCisco Malware: A new risk to consider in perimeter security designs
Cisco Malware: A new risk to consider in perimeter security designsManuel Santander
 
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423Giulio Vian
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisFIWARE
 
Ato2019 weave-services-istio
Ato2019 weave-services-istioAto2019 weave-services-istio
Ato2019 weave-services-istioLin Sun
 
All Things Open 2019 weave-services-istio
All Things Open 2019 weave-services-istioAll Things Open 2019 weave-services-istio
All Things Open 2019 weave-services-istioLin Sun
 
Weave Your Microservices with Istio
Weave Your Microservices with IstioWeave Your Microservices with Istio
Weave Your Microservices with IstioAll Things Open
 
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложениеJS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложениеJSFestUA
 
Penetrating Windows 8 with syringe utility
Penetrating Windows 8 with syringe utilityPenetrating Windows 8 with syringe utility
Penetrating Windows 8 with syringe utilityIOSR Journals
 
6 ways to hack your JavaScript application by Viktor Turskyi
6 ways to hack your JavaScript application by Viktor Turskyi 6 ways to hack your JavaScript application by Viktor Turskyi
6 ways to hack your JavaScript application by Viktor Turskyi OdessaJS Conf
 

Similar to Abusing & Securing XPC in macOS apps (20)

Building & Hacking Modern iOS Apps
Building & Hacking Modern iOS AppsBuilding & Hacking Modern iOS Apps
Building & Hacking Modern iOS Apps
 
Building&Hacking modern iOS apps
Building&Hacking modern iOS appsBuilding&Hacking modern iOS apps
Building&Hacking modern iOS apps
 
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke ItDEF CON 23: Stick That In Your (root)Pipe & Smoke It
DEF CON 23: Stick That In Your (root)Pipe & Smoke It
 
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web InterfacesThey Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
CI / CD / CS - Continuous Security in Kubernetes
CI / CD / CS - Continuous Security in KubernetesCI / CD / CS - Continuous Security in Kubernetes
CI / CD / CS - Continuous Security in Kubernetes
 
Embedded systems
Embedded systems Embedded systems
Embedded systems
 
Javacro 2014 Spring Security 3 Speech
Javacro 2014 Spring Security 3 SpeechJavacro 2014 Spring Security 3 Speech
Javacro 2014 Spring Security 3 Speech
 
How to use shodan more powerful
How to use shodan more powerful How to use shodan more powerful
How to use shodan more powerful
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorial
 
Cisco Malware: A new risk to consider in perimeter security designs
Cisco Malware: A new risk to consider in perimeter security designsCisco Malware: A new risk to consider in perimeter security designs
Cisco Malware: A new risk to consider in perimeter security designs
 
Power ai image-pipeline
Power ai image-pipelinePower ai image-pipeline
Power ai image-pipeline
 
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423
Infrastructure as Code in your CD pipelines - London Microsoft DevOps 0423
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
 
Ato2019 weave-services-istio
Ato2019 weave-services-istioAto2019 weave-services-istio
Ato2019 weave-services-istio
 
All Things Open 2019 weave-services-istio
All Things Open 2019 weave-services-istioAll Things Open 2019 weave-services-istio
All Things Open 2019 weave-services-istio
 
Weave Your Microservices with Istio
Weave Your Microservices with IstioWeave Your Microservices with Istio
Weave Your Microservices with Istio
 
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложениеJS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
 
Penetrating Windows 8 with syringe utility
Penetrating Windows 8 with syringe utilityPenetrating Windows 8 with syringe utility
Penetrating Windows 8 with syringe utility
 
6 ways to hack your JavaScript application by Viktor Turskyi
6 ways to hack your JavaScript application by Viktor Turskyi 6 ways to hack your JavaScript application by Viktor Turskyi
6 ways to hack your JavaScript application by Viktor Turskyi
 

More from SecuRing

Developer in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersDeveloper in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersSecuRing
 
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!SecuRing
 
Developer in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameDeveloper in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameSecuRing
 
Is persistency on serverless even possible?!
Is persistency on serverless even possible?!Is persistency on serverless even possible?!
Is persistency on serverless even possible?!SecuRing
 
What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!SecuRing
 
0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS EnvironmentsSecuRing
 
Developer in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionDeveloper in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionSecuRing
 
20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy MechanismsSecuRing
 
How secure are webinar platforms?
How secure are webinar platforms?How secure are webinar platforms?
How secure are webinar platforms?SecuRing
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy MechanismsSecuRing
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defenseSecuRing
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsSecuRing
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleSecuRing
 
Attacking AWS: the full cyber kill chain
Attacking AWS: the full cyber kill chainAttacking AWS: the full cyber kill chain
Attacking AWS: the full cyber kill chainSecuRing
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsSecuRing
 
Budowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSBudowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSSecuRing
 
We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.SecuRing
 
Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?SecuRing
 
Czy S w PSD2 znaczy Secure?
Czy S w PSD2 znaczy Secure?Czy S w PSD2 znaczy Secure?
Czy S w PSD2 znaczy Secure?SecuRing
 

More from SecuRing (20)

Developer in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4DevelopersDeveloper in a digital crosshair, 2023 edition - 4Developers
Developer in a digital crosshair, 2023 edition - 4Developers
 
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!Developer in a digital crosshair, 2022 edition - Oh My H@ck!
Developer in a digital crosshair, 2022 edition - Oh My H@ck!
 
Developer in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON NameDeveloper in a digital crosshair, 2022 edition - No cON Name
Developer in a digital crosshair, 2022 edition - No cON Name
 
Is persistency on serverless even possible?!
Is persistency on serverless even possible?!Is persistency on serverless even possible?!
Is persistency on serverless even possible?!
 
What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!What happens on your Mac, stays on Apple’s iCloud?!
What happens on your Mac, stays on Apple’s iCloud?!
 
0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments0-Day Up Your Sleeve - Attacking macOS Environments
0-Day Up Your Sleeve - Attacking macOS Environments
 
Developer in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 editionDeveloper in a digital crosshair, 2022 edition
Developer in a digital crosshair, 2022 edition
 
20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms20+ Ways To Bypass Your Macos Privacy Mechanisms
20+ Ways To Bypass Your Macos Privacy Mechanisms
 
How secure are webinar platforms?
How secure are webinar platforms?How secure are webinar platforms?
How secure are webinar platforms?
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms
 
Serverless security: attack & defense
Serverless security: attack & defense Serverless security: attack & defense
Serverless security: attack & defense
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standardsWebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scale
 
Attacking AWS: the full cyber kill chain
Attacking AWS: the full cyber kill chainAttacking AWS: the full cyber kill chain
Attacking AWS: the full cyber kill chain
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
 
Budowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOSBudowanie i hakowanie nowoczesnych aplikacji iOS
Budowanie i hakowanie nowoczesnych aplikacji iOS
 
We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.We need t go deeper - Testing inception apps.
We need t go deeper - Testing inception apps.
 
Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?Artificial Intelligence – a buzzword, new era of IT or new threats?
Artificial Intelligence – a buzzword, new era of IT or new threats?
 
Czy S w PSD2 znaczy Secure?
Czy S w PSD2 znaczy Secure?Czy S w PSD2 znaczy Secure?
Czy S w PSD2 znaczy Secure?
 

Recently uploaded

WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...masabamasaba
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Hararemasabamasaba
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentVictorSzoltysek
 

Recently uploaded (20)

WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 

Abusing & Securing XPC in macOS apps