Categories: Kali Linux

Kemon – An Open-Source Pre & Post Callback-Based Framework For macOS Kernel Monitoring

Kemon is an open-source Pre and Post callback-based framework for macOS kernel monitoring. With the power of it, we can easily implement LPC communication monitoring, MAC policy filtering, kernel driver firewall, etc. In general, from an attacker’s perspective, this framework can help achieve more powerful Rootkit. From the perspective of defense, it can help construct more granular monitoring capabilities. I also implemented a kernel fuzzer through this framework, which helped me find many vulnerabilities, such as: CVE-2017-7155, CVE-2017-7163, CVE-2017-13883, etc.

Also ReadSocialBox – A Bruteforce Attack Framework[ Facebook , Gmail , Instagram ,Twitter]

Supported Features

Features include:

  • file operation monitoring
  • process creation monitoring
  • dynamic library and kernel extension monitoring
  • network traffic monitoring
  • Mandatory Access Control (MAC) policy monitoring, etc.

In addition, this project can also extend the Pre and Post callback-based monitoring interfaces for any macOS kernel function.

Getting Started

How to use ?

  • Please turn off macOS System Integrity Protection (SIP) check if you don’t have a valid kernel certificate
  • Use the command “sudo chown -R root:wheel kemon.kext” to change the owner of the driver
  • Use the command “sudo kextload kemon.kext” to install the driver
  • Use the command “sudo kextunload kemon.kext” to uninstall the driver

R K

Recent Posts

How to Use the Windows Registry to optimize and control your PC.

The Windows Registry Editor lets you easily view and control critical Windows system and application…

2 hours ago

MQTT Security: Securing IoT Communications

In the rapidly expanding Internet of Things (IoT) ecosystem, billions of devices are constantly exchanging…

10 hours ago

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

1 week ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

3 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

3 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

3 weeks ago