Gabriel Biondo

Security Researcher • macOS Specialist • Exploit Developer

Posts by Tag

macos-reversing

Introduction to registers

5 minute read

Before we can reverse anything, we need a precise mental model of how ARM64 actually works. In this first lesson we cover the essential foundations: data siz...

Preparing to Reverse

2 minute read

Assembly is the only place where software stops lying. High-level languages hide the truth; instructions expose it. Understanding AArch64 gives you the abili...

Reversing 101 - introduction

2 minute read

A quarter century in pentesting taught me one thing: real reversing knowledge is intentionally rare. Not because it’s hard — but because people want to keep ...

After OBTS 8.0

5 minute read

First-hand notes from Objective By The Sea: why I attended Patrick Wardle’s Mac malware course, what I learned, and the ideas worth following up.

Back to Top ↑

assembly

Introduction to registers

5 minute read

Before we can reverse anything, we need a precise mental model of how ARM64 actually works. In this first lesson we cover the essential foundations: data siz...

Preparing to Reverse

2 minute read

Assembly is the only place where software stops lying. High-level languages hide the truth; instructions expose it. Understanding AArch64 gives you the abili...

Reversing 101 - introduction

2 minute read

A quarter century in pentesting taught me one thing: real reversing knowledge is intentionally rare. Not because it’s hard — but because people want to keep ...

Back to Top ↑

malware-analysis

Mac Malware Reversing Lab

9 minute read

Step-by-step guide to setting up a macOS virtual machine for malware reversing — from choosing the right hypervisor to securing your environment against self...

After OBTS 8.0

5 minute read

First-hand notes from Objective By The Sea: why I attended Patrick Wardle’s Mac malware course, what I learned, and the ideas worth following up.

Back to Top ↑

apple-security-101

Apple Gatekeeper

8 minute read

Gatekeeper is macOS’s pre-execution policy engine — not an antivirus, but a trust enforcement layer that decides whether code may run based on its signature,...

Apple Defences

23 minute read

A concise dissection of Apple’s built-in security controls. Not marketing — real mechanisms, real boundaries, and how attackers see them.

Back to Top ↑

macos-structure

Apple Gatekeeper

8 minute read

Gatekeeper is macOS’s pre-execution policy engine — not an antivirus, but a trust enforcement layer that decides whether code may run based on its signature,...

Apple Defences

23 minute read

A concise dissection of Apple’s built-in security controls. Not marketing — real mechanisms, real boundaries, and how attackers see them.

Back to Top ↑

lore

Back to Top ↑

I-did-the-math-so-you-dont-have-to

Merkle Trees

8 minute read

A hands-on, mathematically honest walkthrough of Merkle trees.From tagged hashing to proofs, root verification, ordering guarantees, and padding strategies u...

Back to Top ↑

#load-commands

Back to Top ↑

#LC_CODE_SIGNATURE

Back to Top ↑

0tH

Back to Top ↑

load-commands

Back to Top ↑