# MacOS Hardening - [macOS Security & Privilege Escalation](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation.md) - [macOS Apps - Inspecting, debugging and Fuzzing](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing.md) - [Introduction to x64](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/introduction-to-x64.md) - [Introduction to ARM64v8](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-apps-inspecting-debugging-and-fuzzing/arm64-basic-assembly.md) - [macOS AppleFS](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-applefs.md) - [macOS Bypassing Firewalls](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-bypassing-firewalls.md) - [macOS Defensive Apps](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-defensive-apps.md) - [macOS GCD - Grand Central Dispatch](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-gcd-grand-central-dispatch.md) - [macOS Kernel & System Extensions](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture.md) - [macOS IOKit](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-iokit.md) - [macOS Kernel Extensions](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-kernel-extensions.md) - [macOS Kernel Vulnerabilities](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-kernel-vulnerabilities.md) - [macOS System Extensions](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/mac-os-architecture/macos-system-extensions.md) - [macOS Network Services & Protocols](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-protocols.md) - [macOS File Extension & URL scheme app handlers](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-file-extension-apps.md) - [macOS Files, Folders, Binaries & Memory](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries.md) - [macOS Bundles](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-bundles.md) - [macOS Installers Abuse](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-installers-abuse.md) - [macOS Memory Dumping](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-memory-dumping.md) - [macOS Sensitive Locations & Interesting Daemons](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/macos-sensitive-locations.md) - [macOS Universal binaries & Mach-O Format](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-files-folders-and-binaries/universal-binaries-and-mach-o-format.md) - [macOS Objective-C](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-basic-objective-c.md) - [macOS Privilege Escalation](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-privilege-escalation.md) - [macOS Process Abuse](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse.md) - [macOS Dirty NIB](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-dirty-nib.md) - [macOS Chromium Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-chromium-injection.md) - [macOS Electron Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-electron-applications-injection.md) - [macOS Function Hooking](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-function-hooking.md) - [macOS IPC - Inter Process Communication](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication.md) - [macOS MIG - Mach Interface Generator](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-mig-mach-interface-generator.md) - [macOS XPC](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc.md) - [macOS XPC Authorization](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-authorization.md) - [macOS XPC Connecting Process Check](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check.md) - [macOS PID Reuse](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check/macos-pid-reuse.md) - [macOS xpc\_connection\_get\_audit\_token Attack](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-xpc/macos-xpc-connecting-process-check/macos-xpc_connection_get_audit_token-attack.md) - [macOS Thread Injection via Task port](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ipc-inter-process-communication/macos-thread-injection-via-task-port.md) - [macOS Java Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-java-apps-injection.md) - [macOS Library Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection.md) - [macOS Dyld Hijacking & DYLD\_INSERT\_LIBRARIES](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection/macos-dyld-hijacking-and-dyld_insert_libraries.md) - [macOS Dyld Process](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-library-injection/macos-dyld-process.md) - [macOS Perl Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-perl-applications-injection.md) - [macOS Python Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-python-applications-injection.md) - [macOS Ruby Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-ruby-applications-injection.md) - [macOS .Net Applications Injection](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-proces-abuse/macos-.net-applications-injection.md) - [macOS Security Protections](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections.md) - [macOS Gatekeeper / Quarantine / XProtect](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-gatekeeper.md) - [macOS Launch/Environment Constraints & Trust Cache](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-launch-environment-constraints.md) - [macOS Sandbox](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox.md) - [macOS Default Sandbox Debug](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-default-sandbox-debug.md) - [macOS Sandbox Debug & Bypass](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-sandbox-debug-and-bypass.md) - [macOS Office Sandbox Bypasses](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sandbox/macos-sandbox-debug-and-bypass/macos-office-sandbox-bypasses.md) - [macOS SIP](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-sip.md) - [macOS TCC](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc.md) - [macOS Apple Events](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-apple-events.md) - [macOS TCC Bypasses](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses.md) - [macOS Apple Scripts](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-bypasses/macos-apple-scripts.md) - [macOS TCC Payloads](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-tcc/macos-tcc-payloads.md) - [macOS Dangerous Entitlements & TCC perms](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md) - [macOS FS Tricks](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-fs-tricks.md) - [macOS xattr-acls extra stuff](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-fs-tricks/macos-xattr-acls-extra-stuff.md) - [macOS Users](https://hacktricks.xsx.tw/macos-hardening/macos-security-and-privilege-escalation/macos-users.md) - [macOS Red Teaming](https://hacktricks.xsx.tw/macos-hardening/macos-red-teaming.md) - [macOS MDM](https://hacktricks.xsx.tw/macos-hardening/macos-red-teaming/macos-mdm.md) - [Enrolling Devices in Other Organisations](https://hacktricks.xsx.tw/macos-hardening/macos-red-teaming/macos-mdm/enrolling-devices-in-other-organisations.md) - [macOS Serial Number](https://hacktricks.xsx.tw/macos-hardening/macos-red-teaming/macos-mdm/macos-serial-number.md) - [macOS Keychain](https://hacktricks.xsx.tw/macos-hardening/macos-red-teaming/macos-keychain.md) - [macOS Useful Commands](https://hacktricks.xsx.tw/macos-hardening/macos-useful-commands.md) - [macOS Auto Start](https://hacktricks.xsx.tw/macos-hardening/macos-auto-start-locations.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://hacktricks.xsx.tw/macos-hardening.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.