{"id":9403,"date":"2017-09-20T07:40:42","date_gmt":"2017-09-20T15:40:42","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/09\/20\/news-3176\/"},"modified":"2017-09-20T07:40:42","modified_gmt":"2017-09-20T15:40:42","slug":"news-3176","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/09\/20\/news-3176\/","title":{"rendered":"Rewriting IDAPython Script objc2_xrefs_helper.py for Hopper"},"content":{"rendered":"<p><a href=\"https:\/\/blog.fortinet.com\/2017\/09\/19\/rewriting-idapython-script-objc2-xrefs-helper-py-for-hopper\" target=\"bwo\" >https:\/\/blog.fortinet.com\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers have identified more and more Mac OS malware attacks over the past two years. In June 2017, Rommel Joven and Wayne Chin Yick Low from Fortinet\u2019s Fortiguard Labs found and analyzed a new ransomware targeted at Mac OS. \u00a0Most malware for Mac OS was developed in the Objective-C programming language. A good introduction to reverse engineering Cocoa applications can be found here. In that blog post, the researcher released an IDAPython script named objc2_xrefs_helper.py\u00a0 that can only be executed in IDA Pro. As you&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10424,10378],"tags":[],"class_list":["post-9403","post","type-post","status-publish","format-standard","hentry","category-fortinet","category-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9403","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9403"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9403\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9403"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}