MacDefender

A demo port of Windows Defender to OSX

Features

  1. Removes all dependencies on Windows by porting the WIN API
  2. Supports 64-bit OS
  3. Supports Windows SEH (x64) on OSX
  4. Intel only (M1 is not supported)

Installation and Setup

  1. Clone
     git clone https://github.com/orca-eaa5a/mac-defender.git
  2. Set Pre-Defined Macros
     • __APPLE__ , _X64
     • __LOG__ ([optional] logs calls to the ported WIN API)
  3. Build using GCC (not clang)
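
A preflight check for the requirements above (Intel CPU, GNU GCC rather than clang), as an added example that is not part of the project. On macOS the default `gcc` command is normally a shim for Apple clang, so the script inspects the `--version` text instead of trusting the command name. The candidate names `gcc-14`, `gcc-13` and `gcc-12` are assumptions based on Homebrew-style naming; adjust them to your installation.

```shell
#!/bin/sh
# Added example: verify the build prerequisites listed in this README.

# Succeeds when the given `--version` text belongs to GNU GCC.
# Apple's gcc shim reports "clang" or "LLVM" and is rejected.
is_real_gcc() {
    case "$1" in
        *clang*|*LLVM*) return 1 ;;
        *"Free Software Foundation"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds only on Intel 64-bit hosts (uname -m prints arm64 on M1).
is_supported_arch() {
    [ "$1" = "x86_64" ]
}

# Prints the first candidate command that is a real GNU GCC, or fails.
find_gcc() {
    for cc in "$@"; do
        command -v "$cc" >/dev/null 2>&1 || continue
        if is_real_gcc "$("$cc" --version 2>&1)"; then
            echo "$cc"
            return 0
        fi
    done
    return 1
}

# Runs both checks and prints the compiler plus the required macros.
preflight() {
    arch=$(uname -m)
    is_supported_arch "$arch" || { echo "unsupported CPU: $arch" >&2; return 1; }
    # Candidate names are assumptions (Homebrew-style); plain gcc is tried last.
    cc=$(find_gcc gcc-14 gcc-13 gcc-12 gcc) || { echo "no GNU GCC found" >&2; return 1; }
    echo "CC=$cc CFLAGS=-D__APPLE__ -D_X64"
}

# Run the check only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then
    preflight
fi
```

Add `-D__LOG__` to the printed flags to enable the optional logging of ported WIN API calls.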

Usage

./mac-defender $target_file

Notice

  • This project only works with mpengine version 1.1.14405.2
  • Other versions may not work, and the latest version will crash.

Reference

  1. https://github.com/taviso/loadlibrary
  2. https://github.com/reactos/reactos
  3. https://github.com/wine-mirror/wine
  4. https://github.com/mandiant/speakeasy
  5. https://github.com/orca-eaa5a/winx86emulator

License

GPL License