From cc591e84aab04e86f06dcd0fb1cf02b6df66165a Mon Sep 17 00:00:00 2001 From: drduh Date: Thu, 17 Jan 2019 20:51:37 -0800 Subject: [PATCH] Organize launchd files, additional links. Fix #324. --- README.md | 130 ++++++------------ .../14F27_launchd.csv | 0 .../15B42_launchd.csv | 0 .../16A323_launchd.csv | 0 comments.csv => launchd/comments.csv | 0 .../read_launch_plists.py | 0 6 files changed, 43 insertions(+), 87 deletions(-) rename 14F27_launchd.csv => launchd/14F27_launchd.csv (100%) rename 15B42_launchd.csv => launchd/15B42_launchd.csv (100%) rename 16A323_launchd.csv => launchd/16A323_launchd.csv (100%) rename comments.csv => launchd/comments.csv (100%) rename read_launch_plists.py => launchd/read_launch_plists.py (100%) diff --git a/README.md b/README.md index 8f9f5637..5ffcc96e 100755 --- a/README.md +++ b/README.md 
@@ -2420,91 +2420,47 @@ export HOME=/Users/blah ## Additional resources -*In no particular order* - -[MacOS Hardening Guide - Appendix of \*OS Internals: Volume III - Security & Insecurity Internals](http://newosxbook.com/files/moxii3/AppendixA.pdf) (pdf) - -[Mac Developer Library: Secure Coding Guide](https://developer.apple.com/library/mac/documentation/Security/Conceptual/SecureCodingGuide/Introduction.html) - -[OS X Core Technologies Overview White Paper](https://www.apple.com/osx/all-features/pdf/osx_elcapitan_core_technologies_overview.pdf) (pdf) - -[Reverse Engineering Mac OS X blog](https://reverse.put.as/) - -[Reverse Engineering Resources](http://samdmarshall.com/re.html) - -[Patrick Wardle's Objective-See blog](https://objective-see.com/blog.html) - -[Managing Macs at Google Scale (LISA '13)](https://www.usenix.org/conference/lisa13/managing-macs-google-scale) - -[OS X Hardening: Securing a Large Global Mac Fleet (LISA '13)](https://www.usenix.org/conference/lisa13/os-x-hardening-securing-large-global-mac-fleet) - -[DoD Security Technical Implementation Guides for Mac OS](http://iase.disa.mil/stigs/os/mac/Pages/mac-os.aspx) - -[The EFI boot process](http://web.archive.org/web/20160508052211/http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/efi-boot-process.html) - -[The Intel Mac boot process](http://refit.sourceforge.net/info/boot_process.html) - -[Userland Persistence on Mac OS X](https://archive.org/details/joshpitts_shmoocon2015) - -[Developing Mac OSX kernel rootkits](http://phrack.org/issues/66/16.html#article) - -[IOKit kernel code execution exploit](https://code.google.com/p/google-security-research/issues/detail?id=135) - -[Hidden backdoor API to root privileges in Apple OS X](https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/) - -[IPv6 Hardening Guide for OS X](http://www.insinuator.net/2015/02/ipv6-hardening-guide-for-os-x/) - -[Harden the World: Mac OSX 10.11 El 
Capitan](http://docs.hardentheworld.org/OS/OSX_10.11_El_Capitan/) - -[Hacker News discussion](https://news.ycombinator.com/item?id=10148077) - -[Hacker News discussion 2](https://news.ycombinator.com/item?id=13023823) - -[Apple Open Source](https://opensource.apple.com/) - -[OS X 10.10 Yosemite: The Ars Technica Review](https://arstechnica.com/apple/2014/10/os-x-10-10/) - -[CIS Apple OSX 10.10 Benchmark](https://benchmarks.cisecurity.org/tools2/osx/CIS_Apple_OSX_10.10_Benchmark_v1.1.0.pdf) (pdf) - -[How to Switch to the Mac](https://taoofmac.com/space/HOWTO/Switch) - -[Security Configuration For Mac OS X Version 10.6 Snow Leopard](https://www.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf) (pdf) - -[EFF Surveillance Self-Defense Guide](https://ssd.eff.org/) - -[MacAdmins on Slack](https://macadmins.herokuapp.com/) - -[iCloud security and privacy overview](https://support.apple.com/kb/HT4865) - -[Demystifying the DMG File Format](http://newosxbook.com/DMG.html) - -[There's a lot of vulnerable OS X applications out there (Sparkle Framework RCE)](https://vulnsec.com/2016/osx-apps-vulnerabilities/) - -[iSeeYou: Disabling the MacBook Webcam Indicator LED](https://jscholarship.library.jhu.edu/handle/1774.2/36569) - -[Mac OS X Forensics - Technical Report](https://www.ma.rhul.ac.uk/static/techrep/2015/RHUL-MA-2015-8.pdf) (pdf) - -[Mac Forensics: Mac OS X and the HFS+ File System](https://cet4861.pbworks.com/w/file/fetch/71245694/mac.forensics.craiger-burke.IFIP.06.pdf) (pdf) - -[Extracting FileVault 2 Keys with Volatility](https://tribalchicken.com.au/security/extracting-filevault-2-keys-with-volatility/) - -[Auditing and Exploiting Apple IPC](https://googleprojectzero.blogspot.com/2015/09/revisiting-apple-ipc-1-distributed_28.html) - -[Mac OS X and iOS Internals: To the Apple's Core by Jonathan Levin](https://www.amazon.com/Mac-OS-iOS-Internals-Apples/dp/1118057651) - -[Demystifying the i-Device NVMe NAND (New storage used by 
Apple)](http://ramtin-amin.fr/#nvmepcie) - -[The macOS Phishing Easy Button: AppleScript Dangers](https://duo.com/blog/the-macos-phishing-easy-button-applescript-dangers) - -[Over The Air - Vol. 2, Pt. 1: Exploiting The Wi-Fi Stack on Apple Devices](https://googleprojectzero.blogspot.com/2017/09/over-air-vol-2-pt-1-exploiting-wi-fi.html) - -[The Great DOM Fuzz-off of 2017](https://googleprojectzero.blogspot.be/2017/09/the-great-dom-fuzz-off-of-2017.html) - -[Remote code execution, git, and OS X](https://rachelbythebay.com/w/2016/04/17/unprotected/) - -[OSX.Pirrit Mac Adware Part III: The DaVinci Code](https://www.cybereason.com/blog/targetingedge-mac-os-x-pirrit-malware-adware-still-active) - -[How to make macOS Spotlight fuck the fuck off and do your bidding](https://m4.rkw.io/blog/how-to-make-macos-spotlight-fuck-the-fuck-off-and-do-your-bidding.html) - -[Fuzzing the macOS WindowServer for Exploitable Vulnerabilities](http://blog.ret2.io/2018/07/25/pwn2own-2018-safari-sandbox/) +* [Apple Open Source](https://opensource.apple.com/) +* [Auditing and Exploiting Apple IPC](https://googleprojectzero.blogspot.com/2015/09/revisiting-apple-ipc-1-distributed_28.html) +* [CIS Benchmarks](https://www.cisecurity.org/benchmark/apple_os/) +* [Demystifying the DMG File Format](http://newosxbook.com/DMG.html) +* [Demystifying the i-Device NVMe NAND (New storage used by Apple)](http://ramtin-amin.fr/#nvmepcie) +* [Developing Mac OSX kernel rootkits](http://phrack.org/issues/66/16.html#article) +* [DoD Security Technical Implementation Guides for Mac OS](http://iase.disa.mil/stigs/os/mac/Pages/mac-os.aspx) +* [EFF Surveillance Self-Defense Guide](https://ssd.eff.org/) +* [Extracting FileVault 2 Keys with Volatility](https://tribalchicken.com.au/security/extracting-filevault-2-keys-with-volatility/) +* [Fuzzing the macOS WindowServer for Exploitable Vulnerabilities](http://blog.ret2.io/2018/07/25/pwn2own-2018-safari-sandbox/) +* [Hacker News discussion 
2](https://news.ycombinator.com/item?id=13023823) +* [Hacker News discussion](https://news.ycombinator.com/item?id=10148077) +* [Harden the World: Mac OSX 10.11 El Capitan](http://docs.hardentheworld.org/OS/OSX_10.11_El_Capitan/) +* [Hidden backdoor API to root privileges in Apple OS X](https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/) +* [How to Switch to the Mac](https://taoofmac.com/space/HOWTO/Switch) +* [How to make macOS Spotlight fuck the fuck off and do your bidding](https://m4.rkw.io/blog/how-to-make-macos-spotlight-fuck-the-fuck-off-and-do-your-bidding.html) +* [IOKit kernel code execution exploit](https://code.google.com/p/google-security-research/issues/detail?id=135) +* [IPv6 Hardening Guide for OS X](http://www.insinuator.net/2015/02/ipv6-hardening-guide-for-os-x/) +* [Mac Developer Library: Secure Coding Guide](https://developer.apple.com/library/mac/documentation/Security/Conceptual/SecureCodingGuide/Introduction.html) +* [Mac Forensics: Mac OS X and the HFS+ File System](https://cet4861.pbworks.com/w/file/fetch/71245694/mac.forensics.craiger-burke.IFIP.06.pdf) (pdf) +* [Mac OS X Forensics - Technical Report](https://www.ma.rhul.ac.uk/static/techrep/2015/RHUL-MA-2015-8.pdf) (pdf) +* [Mac OS X and iOS Internals: To the Apple's Core by Jonathan Levin](https://www.amazon.com/Mac-OS-iOS-Internals-Apples/dp/1118057651) +* [MacAdmins on Slack](https://macadmins.herokuapp.com/) +* [MacOS Hardening Guide - Appendix of \*OS Internals: Volume III - Security & Insecurity Internals](http://newosxbook.com/files/moxii3/AppendixA.pdf) (pdf) +* [Managing Macs at Google Scale (LISA '13)](https://www.usenix.org/conference/lisa13/managing-macs-google-scale) +* [OS X 10.10 Yosemite: The Ars Technica Review](https://arstechnica.com/apple/2014/10/os-x-10-10/) +* [OS X Core Technologies Overview White Paper](https://www.apple.com/osx/all-features/pdf/osx_elcapitan_core_technologies_overview.pdf) (pdf) +* [OS X Hardening: 
Securing a Large Global Mac Fleet (LISA '13)](https://www.usenix.org/conference/lisa13/os-x-hardening-securing-large-global-mac-fleet) +* [OSX.Pirrit Mac Adware Part III: The DaVinci Code](https://www.cybereason.com/blog/targetingedge-mac-os-x-pirrit-malware-adware-still-active) +* [Over The Air - Vol. 2, Pt. 1: Exploiting The Wi-Fi Stack on Apple Devices](https://googleprojectzero.blogspot.com/2017/09/over-air-vol-2-pt-1-exploiting-wi-fi.html) +* [Patrick Wardle's Objective-See blog](https://objective-see.com/blog.html) +* [Remote code execution, git, and OS X](https://rachelbythebay.com/w/2016/04/17/unprotected/) +* [Reverse Engineering Mac OS X blog](https://reverse.put.as/) +* [Reverse Engineering Resources](http://samdmarshall.com/re.html) +* [Security Configuration For Mac OS X Version 10.6 Snow Leopard](https://www.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf) (pdf) +* [The EFI boot process](http://web.archive.org/web/20160508052211/http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/efi-boot-process.html) +* [The Great DOM Fuzz-off of 2017](https://googleprojectzero.blogspot.be/2017/09/the-great-dom-fuzz-off-of-2017.html) +* [The Intel Mac boot process](http://refit.sourceforge.net/info/boot_process.html) +* [The macOS Phishing Easy Button: AppleScript Dangers](https://duo.com/blog/the-macos-phishing-easy-button-applescript-dangers) +* [There's a lot of vulnerable OS X applications out there (Sparkle Framework RCE)](https://vulnsec.com/2016/osx-apps-vulnerabilities/) +* [Userland Persistence on Mac OS X](https://archive.org/details/joshpitts_shmoocon2015) +* [iCloud security and privacy overview](https://support.apple.com/kb/HT4865) +* [iSeeYou: Disabling the MacBook Webcam Indicator LED](https://jscholarship.library.jhu.edu/handle/1774.2/36569) diff --git a/14F27_launchd.csv b/launchd/14F27_launchd.csv similarity index 100% rename from 14F27_launchd.csv rename to launchd/14F27_launchd.csv 
diff --git a/15B42_launchd.csv b/launchd/15B42_launchd.csv similarity index 100% rename from 15B42_launchd.csv rename to launchd/15B42_launchd.csv diff --git a/16A323_launchd.csv b/launchd/16A323_launchd.csv similarity index 100% rename from 16A323_launchd.csv rename to launchd/16A323_launchd.csv diff --git a/comments.csv b/launchd/comments.csv similarity index 100% rename from comments.csv rename to launchd/comments.csv diff --git a/read_launch_plists.py b/launchd/read_launch_plists.py similarity index 100% rename from read_launch_plists.py rename to launchd/read_launch_plists.py
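Review bot: The re-sorted list under "## Additional resources" in README.md is ordered byte-wise rather than alphabetically, so "Hacker News discussion 2" lands ahead of "Hacker News discussion", "How to Switch to the Mac" ahead of "How to make macOS Spotlight ...", and the lowercase "iCloud" and "iSeeYou" entries fall to the very end after "Userland Persistence on Mac OS X". A case-insensitive sort on the link title would put them where a reader scanning the list expects them. The subject line says "additional links", but the hunk carries the same 43 entries as before, with the versioned CIS 10.10 benchmark PDF swapped for the general CIS Benchmarks page; either include the new links or reword the subject. Separately, the index line shows README.md at mode 100755, and a documentation file does not need the executable bit.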
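Review bot: The five renames into launchd/ are all at 100% similarity, and the single README.md hunk accounts for every one of the 43 insertions in the diffstat, so nothing in this patch updates a reference to the old top-level paths. If the README text or `read_launch_plists.py` refers to `comments.csv` or the `*_launchd.csv` files by their previous location, those references go stale with this commit. Search the repository for the old names and fix any hits in the same change, so the move and its references land together.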