Swift is a great language for offensive tooling due to its ease of development
compared to lower-level languages (Objective-C/C/C++), while still having the
flexibility to utilize said lower-level languages when the job requires it.
In this talk, I’ll go into the research, development, and usage of a new Swift
implant, Hermes, that can be used in modern red teaming operations. Hermes
hooks into Cody Thomas’ Mythic framework, which serves as the controller.
I will dive into the functionality implemented within Hermes that
allows for secure communications, reconnaissance, code execution, data
exfiltration, and extensibility with existing offensive tooling. Lastly, I will
cover defensive considerations for different TTPs implemented within Hermes.
Following this talk, Hermes will be open-sourced for security professionals to
test and validate detections within macOS environments.