macOS Internals



According to Apple's announcement at WWDC 2019, starting macOS Catalina, few types of Kernel Extensions (kexts) were to be deprecated and would be replaced by System Extensions and DriverKit. System Extensions are of type Network Extensions and Endpoint Security. Our project involved developing Network Extensions from scratch in order to replace the existing kexts. We developed the Network Extensions of type Content Filter and Transparent App proxy. One of the key challenges in the project was the sparse documentation around these new System Extensions. These challenges and the solutions for the same were also presented at Virus Bulletin Conference 2020.