Hacking macOS: How to Perform Situational Awareness Attacks, Part 1 (Using System Profiler & ARP)

The first few minutes after gaining access to a MacBook are critical — but where do we begin? Using tools built into macOS, we can develop an in-depth understanding of running background processes, detect antivirus software, locate sensitive files, and fingerprint other devices on the network. All of this can be done without installing additional software or modifying any files. What Is Situational Awareness? During most red team engagements, after compromising a target, pentester's will often find they need to learn as much about the device and its network surroundings as possible. This is... more