{"id":10358,"date":"2020-04-22T09:32:37","date_gmt":"2020-04-22T04:02:37","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=10358"},"modified":"2020-04-22T09:32:37","modified_gmt":"2020-04-22T04:02:37","slug":"crescendo","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/crescendo\/","title":{"rendered":"Crescendo : Real Time Event Viewer For MacOS"},"content":{"rendered":"\n<p><strong>Crescendo <\/strong>is a swift based, real time event viewer for macOS. It utilizes Apple&#8217;s Endpoint Security Framework. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-cDr4AMR2dqw\/Xp8uEU2gX-I\/AAAAAAAAF_A\/9i3K-MlnF1cTJdSLl3bhq-stWr0MPo-BQCLcBGAsYHQ\/s1600\/Crescendo-1.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Apple has introduced some new security mechanisms that we need to enable to get Crescendo running.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Ensure that you have moved the app to your \/Applications director or the system extension will fail to load.<\/li><li>For the first run you will be prompted to approve the system extension, after clicking the &#8220;Start&#8221; button. <em>NOTE: I have noticed that there is an issue where System Preferences won&#8217;t show an allow button. I assume this is some internal issue Apple needs to workout. Clicking back to System Preferences and navigating forward again seems to fix the issue.<\/em><\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-SaGJbLwK8S0\/Xp8t9N9X_bI\/AAAAAAAAF-4\/n9nay7Ms8wA1MkaJzFeC9DTIWPKm7wI3wCLcBGAsYHQ\/s1600\/Crescendo-2.png\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-iUGQzMt7jnE\/Xp8t-hjWHeI\/AAAAAAAAF-8\/TBt-5Zg-arkhRPSnwrdx99NZmZdRZFTjQCLcBGAsYHQ\/s1600\/Crescendo-3.png\" alt=\"\"\/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>You will need to enable Full Disk Access for the system extension.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-rwrx0rqzyHI\/Xp8uElO8KhI\/AAAAAAAAF_E\/BRuSBq62IWQ8pEvMgNtkd52Oumnfngs-gCLcBGAsYHQ\/s1600\/Crescendo-4.png\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Requirements<\/strong><\/p>\n\n\n\n<p>Crescendo is only compatible with &gt;=10.15.X and at least Xcode 10.<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/htbenum\/\" target=\"_blank\" rel=\"noreferrer noopener\">HTBenum : A Linux Enumeration Script For Hack The Box<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Components<\/strong><\/p>\n\n\n\n<p>This project consists of three main components:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A system extension (CrescendoExtension)<\/li><li>A Framework wrapper around the Endpoint Security Framework (Crescendo)<\/li><li>An app for viewing events in a nice little user interface (CrescendoApp)<\/li><\/ul>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Testing &amp; Development<\/strong><\/p>\n\n\n\n<p>It is <em>highly<\/em> recommended to test this code in a virtual machine with SIP disabled, since this project requires the endpoint-security entitlement, TCC, and proper signing when SIP is enabled.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Boot into Recovery mode on macOS<\/li><li>Disable SIP and AMFI<\/li><\/ul>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>csrutil disable <br>nvram boot-args=&#8221;amfi_get_out_of_my_way=0x1&#8243; <\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\" start=\"3\"><li>Reboot<\/li><li>Enable developer mode so our extensions will reload everytime we call <code><strong>OSSystemExtensionManager.shared.submitRequest<\/strong><\/code><\/li><\/ul>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>systemextensionsctl developer on <\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Signing<\/strong><\/p>\n\n\n\n<p>If you wish to sign your own application, it is highly recommend to read Apple&#8217;s documentation on <a href=\"https:\/\/developer.apple.com\/documentation\/systemextensions\">System Extension<\/a> requirements and <a href=\"https:\/\/developer.apple.com\/documentation\/xcode\/notarizing_macos_software_before_distribution\">Notorization<\/a>.<\/p>\n\n\n\n<p><strong>Signing and entitlement is a non-trivial exercise.<\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Building<\/strong><\/p>\n\n\n\n<p>I have included my .xproj file in this release to get folks started. In the future I will likely move to using the new xcconfig file as this seems much more sane of an approach instead of commiting xproj files. If you wish to simply build the example cli application you can do so with Xcode.<\/p>\n\n\n\n<p>In order to build this application and run it on a production macOS system, you will need the endpoint-security entitlement and a developer certificate from Apple.<\/p>\n\n\n\n<p>The Crescendo framework can easily be bundled with any Swift application. I may move to CocoaPods in the future, but I am unfamiliar with them right now.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Issues\/Bugs\/Features<\/strong><\/p>\n\n\n\n<p>Please feel free to raise an issue if you wish to see a feature added or encounter an issue. If you wish to contribute a pull request, please just ensure you run swiftlint over your code before contributing.<\/p>\n\n\n\n<p>I will cut releases for the compiled + signed app and include them in the Releases tab as needed.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Troubleshooting<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>If you are running on a production Mac, you should <em>NOT<\/em> disable SIP or AMFI. Those instructions are for developers wishing to make code changes.<\/li><li>Did you enable the system extension by clicking the &#8220;Allow&#8221; button in <code><strong>System Preferences -&gt; Security &amp; Privacy<\/strong><\/code>? If not, you will not see any events.<\/li><li>Did you enable full disk access in <code><strong>System Preferences -&gt; Security &amp; Privacy -&gt; Privacy Tab<\/strong><\/code>? If not, you will not see any events.<\/li><li>If you encounter any issues, open Console.app and search for <strong><code>crescendo<\/code> or <code>&lt;your_bundle_id&gt;<\/code>\/<code>com.suprhackersteve<\/code><\/strong> as a filter, that should assist you in troubleshooting any potential issues. It is also a good idea to check in CrashReporter and see if the extension has crashed or exited with <code><strong>fatalError<\/strong><\/code>.<\/li><li>If you wish to forcefully unload the system extension, there is a menu item named &#8220;Unload System Extension&#8221; that will unload it. This action may lead to odd side effects, only do it if you know what you are doing.<\/li><li>If you have added a process to the blacklist and it is still allowed to execute, remember to check the <em>real full path<\/em>. Simply using \/Applications\/Foo.app, will not be enough to prevent the execution. Also, many macOS applications are launched via xpcproxy.<\/li><\/ul>\n\n\n\n<div class=\"wp-block-buttons aligncenter is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/SuprHackerSteve\/Crescendo\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple&#8217;s Endpoint Security Framework. Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. Ensure that you have moved the app to your \/Applications director or the system extension will fail to load. For the first [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16249,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","fifu_image_alt":"Crescendo : Real Time Event Viewer For MacOS","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[210,686,1966],"class_list":["post-10358","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-apple","tag-crescendo","tag-macos"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Crescendo : Real Time Event Viewer For MacOS 2020<\/title>\n<meta name=\"description\" content=\"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple&#039;s Endpoint Security Framework. Apple has introduced some new security\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/crescendo\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Crescendo : Real Time Event Viewer For MacOS 2020\" \/>\n<meta property=\"og:description\" content=\"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple&#039;s Endpoint Security Framework. Apple has introduced some new security\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/crescendo\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-22T04:02:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Crescendo : Real Time Event Viewer For MacOS\",\"datePublished\":\"2020-04-22T04:02:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/\"},\"wordCount\":649,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\",\"keywords\":[\"Apple\",\"Crescendo\",\"MacOS\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/\",\"name\":\"Crescendo : Real Time Event Viewer For MacOS 2020\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\",\"datePublished\":\"2020-04-22T04:02:37+00:00\",\"description\":\"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/crescendo\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Crescendo : Real Time Event Viewer For MacOS 2020","description":"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/crescendo\/","og_locale":"en_US","og_type":"article","og_title":"Crescendo : Real Time Event Viewer For MacOS 2020","og_description":"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security","og_url":"https:\/\/kalilinuxtutorials.com\/crescendo\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-04-22T04:02:37+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Crescendo : Real Time Event Viewer For MacOS","datePublished":"2020-04-22T04:02:37+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/"},"wordCount":649,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","keywords":["Apple","Crescendo","MacOS"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/","url":"https:\/\/kalilinuxtutorials.com\/crescendo\/","name":"Crescendo : Real Time Event Viewer For MacOS 2020","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","datePublished":"2020-04-22T04:02:37+00:00","description":"Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Apple has introduced some new security","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/crescendo\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/crescendo\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-bCmhNP5-kiU\/Xp8u1c7Bv0I\/AAAAAAAAF_Y\/LWd9Hd5lvFwAGXtPi_j6tUsOZbGsicRzgCLcBGAsYHQ\/s1600\/Crescendo%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":31492,"url":"https:\/\/kalilinuxtutorials.com\/red-canary-mac-monitor\/","url_meta":{"origin":10358,"position":0},"title":"Enhancing macOS Security: A Guide to Red Canary Mac Monitor","author":"Varshini","date":"December 11, 2023","format":false,"excerpt":"Red Canary Mac Monitor is an\u00a0advanced, stand-alone system monitoring tool tailor-made for macOS security research, malware triage, and system troubleshooting. Harnessing Apple Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to surface only the events that are relevant to you.\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTJcRR-l35dPqZvNpd7K1gtZmLeL_fDAoywwbFPuOjZPHRo1jIYCwdgR3NruqMmMWbhCx9noF8e265VXkKlbCmnfnjLPVywZe6KZScn9asHMvaEaEadK9-klpqf0C7g8-ffUEUXeY5K0GBWx3JOEeM6Qltfk9ooflM1dU-5HZoCIXPwKbL_T4K3rg7wA\/s16000\/Mac%20Monitor.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":30951,"url":"https:\/\/kalilinuxtutorials.com\/dangerzone\/","url_meta":{"origin":10358,"position":1},"title":"Dangerzone &#8211; Safely Convert Risky Documents Into Secure PDFs","author":"Varshini","date":"October 19, 2023","format":false,"excerpt":"Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF. Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgi-a_et2oc3bkXhjD4WZAWoXqyErNtycbLAVROGwGrAw4RDEd6ui-wip3uYLYD5NDv0a5FoadQ7ammhQQj80BrFKiyuPuPtS56Myd6YCJPBlAW_0hyphenhyphen8cyv9yIaqLKBlexacpqWCakWfhEclt3ffBPkSudgqqXjldBv26WTwBqXgjF_1xuIHDWlqanLGJnx\/s16000\/Untitled%20design%20%2834%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":11002,"url":"https:\/\/kalilinuxtutorials.com\/santa\/","url_meta":{"origin":10358,"position":2},"title":"Santa : A Binary Whitelisting\/Blacklisting System For macOS","author":"R K","date":"July 23, 2020","format":false,"excerpt":"Santa is a binary authorization system for macOS. It consists of a kernel extension (or a system extension on macOS 10.15+) that monitors for executions, a userland daemon that makes execution decisions based on the contents of a SQLite database, a GUI agent that notifies the user in case of\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11340,"url":"https:\/\/kalilinuxtutorials.com\/sinter\/","url_meta":{"origin":10358,"position":3},"title":"Sinter : User-Mode Application Authorization System For MacOS","author":"R K","date":"August 26, 2020","format":false,"excerpt":"Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift. It uses the user-mode EndpointSecurity API to subscribe to and receive authorization callbacks from the macOS kernel, for a set of security-relevant event types. The current version of Sinter supports allowing\/denying process executions; in\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2910,"url":"https:\/\/kalilinuxtutorials.com\/kemon-macos-kernel-monitoring\/","url_meta":{"origin":10358,"position":4},"title":"Kemon &#8211; An Open-Source Pre &#038; Post Callback-Based Framework For macOS Kernel Monitoring","author":"R K","date":"October 5, 2018","format":false,"excerpt":"Kemon is an open-source Pre and Post callback-based framework for macOS kernel monitoring. With the power of it, we can easily implement LPC communication monitoring, MAC policy filtering, kernel driver firewall, etc. In general, from an attacker's perspective, this framework can help achieve more powerful Rootkit. From the perspective of\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":25622,"url":"https:\/\/kalilinuxtutorials.com\/can-linux-be-installed-on-a-mac\/","url_meta":{"origin":10358,"position":5},"title":"Can Linux Be Installed On a Mac?","author":"Balaji N","date":"June 1, 2022","format":false,"excerpt":"Linux operating system is the most common open source OS used on servers, smartphones, desktop and laptop computers, and other compatible devices. It can run on most major computer platforms like ARM, SPARC, and x86; and is rated highly by many in the tech industry. There are different versions of\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj204o8HcvzM7XUa4U1V8MmScuKtoHj9TiqeVP7JDq9wh7V6iLWA9vKMNeVTrtRpQ394eESTTJAubTcRZuaOlXIs1FJUylRDdOivEJQxOKdD1L2Qtry8DyV1xzD-KfKXE6x4P7Zl9dplseyFHjsR4dU-IG8cj4HHNvyluwwVx1QGJ5AJE250uWGWkwIaA\/s16000\/sfssf.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj204o8HcvzM7XUa4U1V8MmScuKtoHj9TiqeVP7JDq9wh7V6iLWA9vKMNeVTrtRpQ394eESTTJAubTcRZuaOlXIs1FJUylRDdOivEJQxOKdD1L2Qtry8DyV1xzD-KfKXE6x4P7Zl9dplseyFHjsR4dU-IG8cj4HHNvyluwwVx1QGJ5AJE250uWGWkwIaA\/s16000\/sfssf.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj204o8HcvzM7XUa4U1V8MmScuKtoHj9TiqeVP7JDq9wh7V6iLWA9vKMNeVTrtRpQ394eESTTJAubTcRZuaOlXIs1FJUylRDdOivEJQxOKdD1L2Qtry8DyV1xzD-KfKXE6x4P7Zl9dplseyFHjsR4dU-IG8cj4HHNvyluwwVx1QGJ5AJE250uWGWkwIaA\/s16000\/sfssf.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj204o8HcvzM7XUa4U1V8MmScuKtoHj9TiqeVP7JDq9wh7V6iLWA9vKMNeVTrtRpQ394eESTTJAubTcRZuaOlXIs1FJUylRDdOivEJQxOKdD1L2Qtry8DyV1xzD-KfKXE6x4P7Zl9dplseyFHjsR4dU-IG8cj4HHNvyluwwVx1QGJ5AJE250uWGWkwIaA\/s16000\/sfssf.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=10358"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10358\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16249"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=10358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=10358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=10358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}