macOS Red Teaming

DarwinOps

Your all-in-one macOS red team toolkit. Recon, initial access, exploit, persist, all in one place.

A comprehensive macOS red team toolkit supporting 14+ initial access formats (APP, PKG, DMG, MACHO, DYLIB, JXA, VSIX and more) with trojan injection and Gatekeeper bypass. It offers multi-layer evasion against both Apple and EDR solutions through obfuscation, in-memory execution, and binary string replacement. Advanced Dylib persistence, implant hardening, and ready-to-use multi-language pentest templates complete the full attack chain.

€1,490 / year per user · Volume discounts available

What DarwinOps Does

DarwinOps is the macOS-specific tool in the BallisKit suite. It addresses a consistent gap in red team tooling: Windows coverage is deep and mature, macOS coverage is thin or nonexistent.

The problem is real. Enterprise environments are heterogeneous. Financial institutions, technology companies, and professional services firms (all TIBER-EU sectors) run significant macOS deployments, often including senior leadership and finance teams on Apple hardware. Assessments that skip macOS are incomplete by definition.

DarwinOps covers the macOS kill chain from initial access through persistence, with evasion built for the specific EDR products deployed in enterprise Apple environments.

Features Overview

DarwinOps features by category

Initial Access: 14+ formats (APP, PKG, DMG, MACHO, DYLIB, JXA, VSIX, NPM, PLIST and more)
Phishing: DMG phishing profiles with Gatekeeper bypass
Evasion: XOR obfuscation, variable renaming, in-memory execution, binary string replacement, auto-bypass mode
Persistence: Dylib scanning & hijacking, proxying, LaunchAgent, multiple built-in persistence methods
C2 Frameworks: Apfell/Mythic JXA hardening, EDR static analysis bypass, bundle ID spoofing, dock concealment
Architecture: arm64, x86_64, x86_64h (native Apple Silicon and Intel support)

Key Capabilities

Initial Access

.app bundle generation
Fully configurable APP bundles with custom icon, bundle ID, metadata, and --no-dock to suppress Dock visibility during execution
PKG installer
Pre/post-install script support, custom install destination, optional elevation and distribution configuration
DMG container
Phishing profiles, custom volume name, Gatekeeper bypass via MOTW quarantine tag suppression, decoy file embedding
Mach-O & DYLIB
Native binary generation with architecture targeting (arm64, x86_64, x86_64h) and EDR string replacement
JXA & AppleScript
Script-based payloads with phishing headers, URL scheme delivery, and full obfuscation pipeline
VSIX (VSCode Extension)
Malicious extension generation with custom ID, publisher, version and optional Marketplace policy compliance
Multi-language support
Native macOS executable output for Apple Silicon and Intel targets

Evasion

Auto-bypass mode
--bypass flag automatically combines the best obfuscation and evasion options for the current payload and target
Bypass profiles
Load and reuse pre-configured evasion profiles across engagements with --bypass-profile for consistent, repeatable results
String obfuscation
XOR-based string encryption with a random key at build time, decrypted at runtime to defeat static analysis
Execution constraints
Domain restriction, expiry date (--expire) and start date (--start-date) to limit payload activation to the target window
In-memory execution
Base64-encodes the payload and executes it entirely from memory, leaving no artifact on disk

Templates & Scenarios

SHELLCODE
Embed raw shellcode directly in native macOS formats (MACHO, DYLIB, Python) and execute it
LOAD_REMOTE_JXA/BASH/APPLESCRIPT
Download and execute remote code in memory via eval() across all three macOS scripting runtimes
EMBED_RUN/DROP
Drop and execute a staged payload to a configurable path with multiple embed methods
AUTO_DYLIB_INJECT
Automatically scan, identify and inject a dylib into vulnerable applications, with aggressive mode to maximize execution coverage
ENUM_BINARY_INJECT
Recursively scan the filesystem for binaries vulnerable to dylib injection from a configurable search path

EDR Bypass Profiles

Pre-built, production-tested profiles for major EDR and antivirus products. Select a profile for your target environment and DarwinOps applies the appropriate bypass chain automatically.

Per-target profiles

Each profile is tuned to the specific detection logic of the target EDR, not a generic bypass.

Profile combinations

Profiles combine format, execution method, and evasion technique for common engagement scenarios.

Profile updates

Profiles are updated as EDR vendors release new detection improvements. Licenses include regular profile updates.

Understanding the macOS Security Architecture

Endpoint Security Framework (ESF)

Apple's official mechanism for security product visibility. EDRs subscribe to ESF events (process execution, file creation, network connections) to monitor endpoint behavior. DarwinOps includes techniques for reducing ESF visibility - suppressing event generation or operating below ESF detection thresholds.

Transparency, Consent, and Control (TCC)

TCC governs access to sensitive macOS resources (camera, microphone, contacts, full disk access). Enterprise deployments often grant MDM-managed TCC permissions that can be abused. DarwinOps includes TCC bypass techniques targeting both user-context TCC and MDM-provisioned TCC grants.

Gatekeeper and Notarization

macOS Gatekeeper enforces code signing and notarization requirements. DarwinOps payload generation handles signing-compatible output and includes techniques for operating in environments with strict Gatekeeper enforcement.
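As an added, defender-side example (not DarwinOps or BallisKit code): the Gatekeeper assessment described above is only triggered for files that carry the com.apple.quarantine extended attribute, so one practical triage step on a downloaded DMG or .app is to read that attribute and flag artifacts that lack it or carry a malformed value. The parser below assumes the commonly observed "flags;hex-timestamp;agent;uuid" layout of the attribute and takes the raw value as a string (on a live host it comes from `xattr -p com.apple.quarantine <file>`), so it runs on any platform; the file paths and attribute values are constructed for the demonstration.

```python
"""Triage helper for the macOS com.apple.quarantine extended attribute.

Added example, not DarwinOps code. The attribute value is passed in as a
string so the parser runs anywhere; on a Mac it would be read with
`xattr -p com.apple.quarantine <file>`.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass
class QuarantineInfo:
    flags: int                        # bit flags as stored by the downloading app
    downloaded_at: Optional[datetime] # UTC time the file was quarantined, if present
    agent: str                        # application that applied the attribute
    uuid: str                         # key into the LSQuarantineEvent database


def parse_quarantine(value: str) -> QuarantineInfo:
    """Parse 'flags;hex-timestamp;agent;uuid' into its fields.

    Assumed layout (observed, not formally documented). Raises ValueError on
    values that do not follow it, so a malformed attribute is surfaced
    instead of being silently treated as a normal download.
    """
    parts = value.strip().split(";")
    if len(parts) < 2:
        raise ValueError(f"unexpected quarantine layout: {value!r}")
    flags = int(parts[0], 16)                      # ValueError if not hex
    downloaded_at = None
    if parts[1]:
        downloaded_at = datetime.fromtimestamp(int(parts[1], 16), tz=timezone.utc)
    agent = parts[2] if len(parts) > 2 else ""
    uuid = parts[3] if len(parts) > 3 else ""
    return QuarantineInfo(flags, downloaded_at, agent, uuid)


def triage(entries: dict[str, Optional[str]]) -> list[str]:
    """Produce one finding per file from a {path: attribute value or None} map.

    A downloaded artifact with no attribute is the case worth a second look:
    Gatekeeper will not assess it on first launch.
    """
    findings = []
    for path, value in entries.items():
        if value is None:
            findings.append(f"{path}: no com.apple.quarantine attribute; "
                            "Gatekeeper will not assess this file on launch")
            continue
        try:
            info = parse_quarantine(value)
        except ValueError as exc:
            findings.append(f"{path}: malformed attribute ({exc})")
            continue
        when = info.downloaded_at.isoformat() if info.downloaded_at else "unknown time"
        findings.append(f"{path}: quarantined by {info.agent or 'unknown agent'} "
                        f"at {when} (flags=0x{info.flags:04x})")
    return findings


# Constructed sample: one normal browser download, one DMG-extracted app with
# no attribute, one attribute that does not parse.
SAMPLE_ENTRIES = {
    "/Users/alice/Downloads/installer.dmg": "0083;5f6b2a1c;Safari;00000000-0000-0000-0000-000000000000",
    "/Volumes/Installer/Installer.app": None,
    "/Users/alice/Downloads/notes.pkg": "garbage",
}

if __name__ == "__main__":
    for line in triage(SAMPLE_ENTRIES):
        print(line)
```

The point of the check is the middle case: a file that arrived via a download channel but carries no attribute behaves, to Gatekeeper, like a locally created file, which is exactly the condition the DMG profiles above aim for. Pairing this with the LSQuarantineEvent database (keyed by the uuid field) lets you reconstruct where a flagged file actually came from.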

MITRE ATT&CK Technique Coverage

DarwinOps reproduces documented macOS threat actor TTPs with precision. Each delivery format and post-exploitation technique maps to specific ATT&CK IDs - enabling scenario accuracy verification against Threat Intelligence Reports in TIBER-EU and equivalent intelligence-led engagements.

T1566 Phishing: DMG phishing profiles with decoy file embedding for social engineering delivery
T1204.002 Malicious File: User-executed .app, DMG, PKG, VSIX and NPM payloads
T1059.002 AppleScript / JXA: JXA and AppleScript execution with remote code loading support
T1059.004 Unix Shell: Bash-based payload generation and remote execution
T1056.002 GUI Input Capture: Fake system dialogs and privilege prompts for credential capture
T1548.004 Elevated Execution with Prompt: PKG-based elevation and fake UI prompts to escalate to root
T1543.001 Launch Agent: LaunchAgent plist-based persistence with configurable identifiers
T1543.004 Launch Daemon: System-level persistence with privilege escalation support
T1027 Obfuscated Files or Information: XOR encryption, variable renaming, and dummy code injection to evade static analysis
T1620 Reflective Code Loading: In-memory payload execution leaving no artifact on disk
T1553.001 Gatekeeper Bypass: DMG containers crafted to suppress quarantine tag propagation
T1628.003 Hidden Window: Suppresses Dock visibility during payload execution
T1119 Automated Collection: System information collection and exfiltration with encoding support
T1574.004 Dylib Hijacking: Automated scanning of vulnerable applications and dylib injection for persistent code execution
T1574.004 Dylib Injection Enumeration: Recursive filesystem scan to identify binaries vulnerable to dylib injection

Technique coverage is used by red teams to verify scenario accuracy against Threat Intelligence Reports in TIBER-EU and intelligence-led red team programs globally.
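An added, defender-side example (not DarwinOps or BallisKit code) for the Launch Agent (T1543.001) and Launch Daemon (T1543.004) rows above: the blue-team counterpart to plist-based persistence is a sweep of ~/Library/LaunchAgents, /Library/LaunchAgents and /Library/LaunchDaemons that scores each property list on a few well-known traits. The scorer below uses only the standard library's plistlib; the heuristics (RunAtLoad, KeepAlive, an interpreter as the program, paths outside the usual install locations) and the two sample plists, built inline with plistlib.dumps, are assumptions chosen for illustration rather than anything DarwinOps emits.

```python
"""Heuristic triage of launchd property lists (ATT&CK T1543.001 / T1543.004).

Added example, not DarwinOps code. Input is the plist content as bytes, as
read from ~/Library/LaunchAgents/*.plist or /Library/LaunchDaemons/*.plist.
"""
import plistlib

# Assumed: locations a launchd item's program and script arguments normally
# live in. Anything else is a reason to look closer, not a verdict.
EXPECTED_PREFIXES = ("/Applications/", "/System/", "/Library/", "/usr/",
                     "/bin/", "/sbin/", "/opt/")
# Assumed: a launchd item whose program is a bare interpreter is usually
# running a script that deserves inspection.
INTERPRETERS = {"sh", "bash", "zsh", "osascript", "python", "python3", "perl", "ruby"}


def launch_arguments(item: dict) -> list[str]:
    """Return the argv launchd would run: ProgramArguments wins over Program."""
    args = item.get("ProgramArguments")
    if args:
        return [str(a) for a in args]
    prog = item.get("Program")
    return [str(prog)] if prog else []


def score_launch_item(data: bytes) -> dict:
    """Parse one plist and return its label, argv, reasons and a score."""
    item = plistlib.loads(data)
    argv = launch_arguments(item)
    reasons = []
    if item.get("RunAtLoad"):
        reasons.append("RunAtLoad: starts at login/boot without user action")
    if item.get("KeepAlive"):
        reasons.append("KeepAlive: relaunched whenever it exits")
    if argv and argv[0].rsplit("/", 1)[-1] in INTERPRETERS:
        reasons.append(f"program is an interpreter: {argv[0]}")
    for arg in argv:
        if arg.startswith("/") and not arg.startswith(EXPECTED_PREFIXES):
            reasons.append(f"path outside expected locations: {arg}")
    return {
        "label": item.get("Label", "<no Label>"),
        "argv": argv,
        "reasons": reasons,
        "score": len(reasons),
    }


def triage_all(items: dict[str, bytes]) -> list[tuple[str, int]]:
    """Score every plist in a {filename: bytes} map, highest score first."""
    scored = [(name, score_launch_item(data)["score"]) for name, data in items.items()]
    return sorted(scored, key=lambda pair: pair[1], reverse=True)


# Constructed samples: a vendor updater living under /Applications, and an
# agent that keeps a shell script alive from a hidden cache directory.
SAMPLE_PLISTS = {
    "com.example.updater.plist": plistlib.dumps({
        "Label": "com.example.updater",
        "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater", "--check"],
        "RunAtLoad": True,
    }),
    "com.example.helper.plist": plistlib.dumps({
        "Label": "com.example.helper",
        "ProgramArguments": ["/bin/zsh", "/Users/alice/Library/Caches/.hidden/update.sh"],
        "RunAtLoad": True,
        "KeepAlive": True,
    }),
}

if __name__ == "__main__":
    for name, score in triage_all(SAMPLE_PLISTS):
        result = score_launch_item(SAMPLE_PLISTS[name])
        print(f"{score}  {name}  {result['label']}")
        for reason in result["reasons"]:
            print(f"      - {reason}")
```

A score is a ranking aid for a human, not an alert threshold: a legitimate updater will commonly set RunAtLoad, which is why the benign sample still scores one. Hashing the referenced program and comparing the plist's modification time against the user's login history are the natural next steps once an item floats to the top.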

TIBER-EU

DarwinOps for TIBER-EU macOS Coverage

TIBER-EU engagements at European financial institutions increasingly require macOS coverage. Modern threat actors targeting the financial sector specifically target macOS devices used by senior staff, treasury, and executive leadership. An engagement that does not include macOS in scope is not fully representative of the threat. DarwinOps provides the macOS offensive capability that makes complete TIBER-EU scope coverage executable.

Learn how BallisKit supports TIBER-EU

Pricing

€1,490
per user / per year
  • All initial access formats and techniques
  • All evasion mechanisms and bypass profiles
  • All persistence mechanisms
  • Implant Hardening
  • Regular updates (macOS version compatibility maintained)
  • Email support
  • Bypass profile update notifications

Bundle pricing available with MacroPack Pro and ShellcodePack.

Volume licensing for 3+ users. Contact contact@balliskit.com.

Professional email required. Anonymized or consumer domains not accepted.

See It in Action

More DarwinOps demos available on the BallisKit Vimeo channel.
