core-jmp

core-jmp

death of core jump

  • Home
  • windows
  • Reverse Engineering
  • exploitation
  • shellcode
  • About
  • Privacy Policy

HomeBoot ROM

Posts in category: Boot ROM

Booting into Trust: Reverse Engineering macOS Secure Boot Internals

Booting into Trust: Reverse Engineering macOS Secure Boot Internals

March 20, 2026
by oxfemale Apple SiliconBoot ROMfirmwareHardwarekernel-modeMacOSReverse EngineeringSecure BootXNU Kernel

The article analyzes the macOS secure boot chain on Apple Silicon, showing how Boot ROM, cryptographic verification, Secure Enclave, and staged bootloaders create a hardware-anchored chain-of-trust that protects the OS from power-on to kernel startup.

Read More

Recent Posts

  • TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering
  • Booting into Trust: Reverse Engineering macOS Secure Boot Internals
  • Invisible Execution: Hiding Malware with Unwind Metadata Manipulation
  • ODR: Internals of Microsoft’s New Native MCP Registration
  • NT AFD.SYS HTTP Downloader: From First Syscall to bypass the majority of usermode EDR hooks

Archives

  • March 2026
  • February 2026
  • January 2026
  • November 2025
  • September 2025

Active Directory Binary Analysis byovd bypass cpp Detection Engineering dll EDR EDRBypass EDR Evasion EDREvasion Embedded Security Embedded Systems escalation Exploit Development firmware Firmware Analysis Hardware Hacking injection IoT Security Kernel Debugging Kernel Drivers Malware Development Offensive Security poc Post-Exploitation PPL Privilege Escalation red team RedTeam Red Teaming Reverse Engineering ROP Secure Boot Security Research shellcode system Vulnerability Research winapi WinDBG windows Windows Internals Windows Kernel Windows security WindowsSecurity

Categories

  • access
  • ACE
  • ACL
  • Active Directory
  • AD CS
  • Administrator
  • AI Agents
  • alloc
  • ALPC
  • Antivirus
  • APC
  • Apple Silicon
  • ASM
  • ASR
  • attaks
  • Audio
  • AV
  • BitLocker
  • Bluetooth
  • Boot ROM
  • Broadcom
  • BSoD
  • buffer overflow
  • BYOUD
  • BYOVD
  • Bypassing
  • Cache
  • Callbacks
  • CLFS
  • cmd
  • COM
  • Containers
  • Cortex XDR
  • cpp
  • CPU
  • Credential Attacks
  • Crypt
  • Cryptography
  • CryptoPro
  • Debug
  • Defender
  • DEP
  • DFIR
  • DMA
  • Driver
  • dump
  • EDR
  • Encryption
  • Escalation
  • ESP32
  • Evasion
  • Eventlog
  • exploitation
  • filesystem
  • firmware
  • Flash
  • Gadgets
  • GATT
  • Ghidra
  • Hardware
  • Hooking
  • impact
  • Injection
  • IOCTL
  • IoT
  • kernel
  • kernel-mode
  • Library
  • Linux
  • LNK
  • Loader
  • LOLExfil
  • LSA
  • LSASS
  • MacOS
  • Malware
  • MCP
  • MS-DOS
  • MS-EVEN
  • MS-LSAD
  • MS-SAMR
  • Network
  • ODR
  • Palo Alto
  • PBA
  • PCI
  • PEB
  • Penetration Testing
  • Plugins
  • PoC
  • powershell
  • powershell
  • PPL
  • Privilege
  • Protection
  • PXE
  • Python
  • QEMU
  • RCE
  • RedTeam
  • Registry
  • Reverse Engineering
  • root
  • ROP
  • RPC
  • RTTI
  • Rust
  • SAM
  • Secure Boot
  • Security
  • shellcode
  • Shortcut
  • STM32H5
  • TCP/IP
  • TEB
  • Telegram
  • TPM
  • UAC
  • UART
  • Uncategorized
  • user-mode
  • VMware
  • Warbird
  • WASM
  • WEB
  • winapi
  • winapi
  • WinDBG
  • windows
  • Winsock
  • WSL
  • XNU Kernel
Log in
    © 2026 core-jmp. All rights reserved.
    Shopping Basket