Cyber Security Category Banner Image

EXP-312 - Advanced macOS Control Bypasses (OSMR) - Self-paced

  • Length 90 days access
  • Inclusions OSMR exam
Course overview
Book now

Why study this course

Advanced macOS Control Bypasses (EXP-312) is our first macOS security course. It's an offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system's defences.

EXP-312 is an advanced course that teaches the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems.

Learners who complete the course and pass the exam earn the OffSec macOS Researcher (OSMR) certification.

This self-paced course includes:

  • 7+ hours of video

  • 450 pages of online content

  • 4 lab machines

  • OSMR exam voucher

  • Closed Captioning is available for this course

  • A mac computer is not required

About the OSMR exam:

  • The EXP-312 course and online lab prepares you for the OSMR certification

  • 48-hour exam

  • Proctored

Learn more about the exam.

Following this course, the recommended next course is EXP-401 (OSEE).

Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.


What you’ll learn

  • A strong understanding of macOS internals

  • Basics of Mach messaging

  • How to bypass Transparency, Content and Control (TCC) protections

  • How to escape the Sandbox

  • Perform symbolic link attacks

  • Leverage process injection techniques

  • Exploit XPC for privilege escalation

  • Perform hooking based attacks

  • Write Shellcode for macOS

  • Bypass kernel code-signing protection


OffSec Partner Logo - Gold Channel

OffSec at Lumify Work

Security professionals from top organisations rely on OffSec to train and certify their personnel. Lumify Work is an Official Training Partner for OffSec.


Stay ahead of the technology curve

Don’t let your tech outpace the skills of your people

Quality Instructors and Content

Expert instructors with real world experience and the latest vendor-approved in-depth course content.

Partner-Preferred Supplier

Chosen and awarded by the world's leading vendors as preferred training partner.

Ahead of the Technology Curve

No matter your chosen technologies or platforms, we can help you stay one step ahead.

Who is the course for?

  • Anyone who is interested in learning about macOS exploitation

  • Pentesters looking to broaden their skill set to include macOS expertise

  • Anyone committed to the defence or security of macOS systems

  • Job roles such as Penetration testers, Exploit developers, Security researcher, macOS defenders, and macOS application developers


Course subjects

The course covers the following topics:

  • Introduction to macOS internals

  • Debugging, Tracing, Hopper

  • Shellcoding in macOS

  • Dylib Injection

  • Mach and Mach injection

  • Hooking

  • XPC exploitation

  • Sandbox escape

  • Attacking privacy (TCC)

  • Symlink attacks

  • Kernel code execution

  • macOS Pentesting

View the full syllabus here.


Prerequisites

All students are required to have:

  • Knowledge of C programming

  • Normal user experience with macOS

  • Basic familiarity with 64-bit assembly and debugging

  • Understanding of basic exploitation concepts

EXP-301 Windows User Mode Exploit Development is a prerequisite for this course.


THIRD PARTY REGISTRATION

Lumify Work offers certification and training through our partnership with OffSec. This arrangement requires Lumify Work to provide your details to OffSec for course and/or exam registration purposes.



Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


Request Course Information

By submitting an enquiry, you agree to our privacy policy and receiving email and other forms of communication from us. You can opt-out at any time.

Select and book a course

Can't find a date you like?

Contact sales

Stay ahead of the technology curve

Don’t let your tech outpace the skills of your people

Quality Instructors and Content

Expert instructors with real world experience and the latest vendor-approved in-depth course content.

Partner-Preferred Supplier

Chosen and awarded by the world's leading vendors as preferred training partner.

Ahead of the Technology Curve

No matter your chosen technologies or platforms, we can help you stay one step ahead.


Looking for more course options?