SkillAgentSearch skills...

SwiftInMemoryLoading

Swift implementation of in-memory Mach-O loading on macOS

GenerateConvertImprove

Install / Use

/learn @slyd0g/SwiftInMemoryLoading
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

SwiftInMemoryLoading

Swift implementation of in-memory Mach-O execution. Works on Big Sur and Monterey. It should be noted that this is not truly file-less on macOS Monterey (see blogpost).

  • ./SwiftInMemoryLoading /full/path/to/binary arg1 arg2 arg3

Blogpost

  • https://slyd0g.medium.com/understanding-and-defending-against-reflective-code-loading-on-macos-e2e83211e48f

Example Usage

Example

Credit

  • https://github.com/its-a-feature/macos_execute_from_memory
  • https://github.com/djhohnstein/macos_shell_memory
  • https://gist.github.com/johnkhbaek/771a98212045f327cc1c86aaac63a4e3
  • https://hackd.net/posts/macos-reflective-code-loading-analysis/
  • Timo Schmid and Carl Svensson for discovering the changes in NSLinkModule's return value on Monterey

slyd0g

View profile

View on GitHub
GitHub Stars68
CategoryDevelopment
Updated3mo ago
Forks6
slyd0g/SwiftInMemoryLoading

Languages

C

Security Score

77/100

Audited on Dec 13, 2025

No findings