GPU, ANE, and non-CPU evasion for Apple Silicon operators.
This advanced track teaches accelerator-backed macOS evasion from an offensive research standpoint: CPU scanner blind spots, Metal private buffers, command queues, blit movement, sandboxed accelerator access, ANE visibility limits, and bounded operator claims.
The course focuses on proving what is visible, what is not visible, and what must remain a bounded claim. Researchers build evidence around real Apple Silicon behavior instead of relying on generic GPU theory or recycled command references.
DEF CON prebooking promotional offer. Full course access opens on Aug 10.
Operator Research Model, Boundaries, and Baseline
Set the authorized research model, evidence standards, hardware baseline, and operator notebook discipline for accelerator-backed evasion work.
Memory Visibility and Scanner Bypass Foundations
Build the CPU memory-scanner baseline so researchers can prove what traditional process-memory visibility actually sees and where it stops.
Apple Silicon Accelerator Attack Surface for Operators
Map the Apple Silicon accelerator surface from an operator standpoint: GPU, ANE, command queues, DMA-style movement, and visibility assumptions.
Metal Primitives for Offensive Visibility Testing
Learn the Metal primitives that make accelerator visibility testing reproducible: devices, buffers, storage modes, command buffers, and blit boundaries.
GPU Private Memory Evasion Tradecraft
Develop the GPU private-memory evasion methodology, including staging, timing, proof hygiene, and bounded claims around scanner visibility gaps.
Execution-Proof Boundaries and W^X Reality
Separate data hiding from execution claims and prove recovery, W^X constraints, MAP_JIT boundaries, and cleanup windows with harmless byte sequences.
Low-Privilege and Sandboxed Tradecraft
Test what still works from low-privilege and sandboxed contexts, with explicit proof of sandbox state and accelerator access boundaries.
Operator Instrumentation and Visibility Checks
Instrument accelerator workflows enough to validate operator claims without turning the course into a detection-engineering track.
ANE Visibility Assumptions and Operator Reality
Frame ANE and Apple Intelligence-adjacent visibility limits from an offensive research perspective without overclaiming internal access.
Non-CPU Staging Patterns Beyond Metal
Explore non-CoreML accelerator workflows across media, Vision, AVFoundation, IOSurface, and temporary processing artifacts.
Operator OPSEC, Client Impact, and Reporting
Convert accelerator behavior into operator-grade findings: OPSEC matrix, artifact review, claim limits, and professional reporting language.
Capstone: Authorized Accelerator Evasion Assessment
Run the capstone target range and produce a complete bounded finding package for GPU, ANE, and non-CPU evasion research.