When most people think of hacking, they think of Linux. I used to turn my nose up at even the idea of hacking from a Mac because it didn’t make sense. Nowadays, it’s all I’ve been using for my OSINT investigations and penetration testing – as it has become my proverbial command center.
When I sit down at my cluster of computer monitors and machines, I’m hidden behind at least four monitors and three computers. My MacBook Pro sits on a raised mount to my left. It automatically unlocks because I can authenticate from my watch. It also uses a biometric login button, which I can use to authenticate, decrypt my hard disk, and get to work.
However, I know some of you are probably rolling your eyes, ready to repeat something you heard someone else say: that using Apple products is supporting capitalism. News flash: in most cases, every time you buy something, you're supporting capitalism. Now that’s settled.
Over a decade ago, it was the other way around. Most of the hackers I knew used Windows, and our tools were exceedingly robust. That is, until Windows Defender became too twitchy, making it nearly impossible to retain our tools, so we all shifted to Linux. But what about the Apple Mac?
One of the most experienced hackers and cybersecurity experts I have ever known was a woman named Tr0nik. An interesting fact about her was that she worked her magic from behind a MacBook. There’s a good reason for this.
At some point in my life journey, I was inspired to explore what I could do with its unique hardware and marveled at its hardware and software stability. If you aren’t familiar with Macs, you’ll soon see how using certain system functions will feel like home to Linux users. After all, we Linux users are well acquainted with the Terminal, using Virtual Machines, and so on.
It’s got UNIX inside?
It’s important to note that macOS is built on a Unix-based kernel based on OpenBSD (Berkeley Software Distribution). In fact, macOS is certified by The Open Group as a UNIX 03-compliant operating system, which is why it’s compatible with many Unix-based tools, including Linux. Now we’ve come full circle.
BSD provides most of the Unix functionality within the macOS environment, for example file system management, user commands, and networking. Because Unix is the foundation of the operating system, macOS uses a Unix-based terminal, which uses standard Unix commands familiar to Linux users, such as ls, grep, sudo, ps, cd, rm, mkdir, and many more.
Exclusive hardware and software ecosystem
The stability aspect of a Mac is worthy of note because Apple designs and controls both the hardware and software, whereas Windows and Linux run on a broad range of hardware configurations.
Thus, Apple optimizes its operating systems specifically for its own hardware, which creates a closed ecosystem, whereas Windows and Linux depend on thousands of different configurations depending on different manufacturers.
This, in turn, allows for more consistent performance, which helps eliminate mishaps and compatibility problems, giving Mac better performance. The only downside for macOS users is simply the fact that in many cases it’s a bit more restrictive regarding hardware choices and software compatibility.
Moreover, hacking from Mac-based hardware should be no mystery. For example, my MacBook is a 2018 model, sporting a 3.1 GHz quad-core and an Intel Core i7 processor.
Intel Core processors come with more raw performance in many cases, and are typically more compatible with legacy software. Additionally, they are excellent at running games and Windows applications, although they can consume more power and produce more heat.
Unfortunately, Apple discontinued its use of Intel processors and began rolling out its very own Apple Silicon chips in 2020, utilizing Apple’s M1, M2, and M3 processors. These are more power efficient, ensuring better performance, battery longevity, and thermal management. Therefore, if you want to use an Intel Core processor, it is best to start looking on Amazon or eBay.
Terminal emulation and Homebrew
Terminal is a hacker’s best friend. Therefore, the first thing you should do is install Homebrew. This is a package manager and repository for UNIX and macOS, with nearly everything you’re going to need to start installing and running your favorite security tools, whether that be Metasploit framework, nmap, Maltego, you name it. To install it, copy and paste the snippet below into Terminal and hit enter.
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Installing packages from the Homebrew repository is easy. For example, if you wanted to install Nmap, open up the Terminal, type brew install nmap and hit enter.
Other similar functions you can run from the macOS Terminal:
| Command | What it does |
| --- | --- |
| brew update | Updates your package manager |
| brew upgrade | Upgrades your installed packages to their latest version |
| brew cleanup | Cleans up old versions after upgrading |
I installed Git and immediately started adding all my GitHub tools. Homebrew also has Metasploit in its repository, which is my go-to security auditing tool.
brew install --cask metasploit
Metasploit can also be installed, along with its signing key, from the Terminal by simply copying and pasting the following snippet from the official Metasploit website:
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
chmod 755 msfinstall && \
./msfinstall
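Both the Homebrew one-liner and the msfinstall snippet above execute a script fetched straight from the network. The following is an added example, not code from Homebrew or Rapid7, of saving such a script to disk, reviewing it, and running only a copy that still matches the hash of the reviewed version; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: fetch an installer to disk, review it, pin its hash, and
# execute only a copy that still matches the pinned hash.

# SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Download over HTTPS only; -f makes HTTP errors fail instead of saving an error page.
fetch_script() {  # usage: fetch_script URL OUTFILE
  curl --proto '=https' --tlsv1.2 -fsSL -o "$2" "$1"
}

# Return 0 if FILE hashes to EXPECTED, 1 on mismatch, 2 if FILE is missing.
verify_script() {  # usage: verify_script FILE EXPECTED_SHA256
  local actual
  [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
  actual="$(sha256_of "$1")"
  [ "$actual" = "$2" ] && return 0
  echo "hash mismatch for $1: got $actual, expected $2" >&2
  return 1
}

# Run FILE with bash only when it matches the hash recorded at review time.
run_pinned() {  # usage: run_pinned FILE EXPECTED_SHA256
  verify_script "$1" "$2" || return $?
  bash "$1"
}

# Typical session (commented out so that sourcing this file runs nothing):
#   fetch_script https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh install.sh
#   less install.sh                      # read what it will do
#   pin="$(sha256_of install.sh)"        # record the hash of the reviewed copy
#   run_pinned install.sh "$pin"         # refuses to run if the file changed
```

Keeping the pinned hash alongside your lab notes lets you reuse the same reviewed installer on another machine without re-reading it.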
Take advantage of your Mac through virtual machines
For those who want to take advantage of Mac’s hardware but want to be using Linux, Windows, or any other operating system – you’re in luck. You can dual boot a Mac with another operating system, or you can use a Virtual Machine, such as VirtualBox, which is compatible with macOS and supports both Intel processors and Apple Silicon hosts.
Personally, I’ve found that while VirtualBox works on my MacBook, there is a slight latency issue that doesn’t feel organic. For this reason, I started using Parallels, which makes my virtualization experience using Windows and Linux feel more organic, as if it’s my primary OS. I don’t need any add-ons. It’s ready to launch my labs and testing environments.
External WiFi hardware compatibility in virtual machines
One of the most important pieces of equipment I rely on during my WiFi penetration testing campaigns is my external MK7AC WiFi adapter, which I need to be able to use in my virtual machine. That way, I don’t have to use a bootable USB with Kali Linux just to be able to perform packet captures, which is necessary for packet sniffing and other Man-in-the-Middle attacks.
Good news for Parallels users: it’s as easy as plug-and-play. Once you plug your external WiFi adapter into the Mac while using Parallels, you will be greeted with a prompt allowing you to select where you want to use the WiFi adapter. A secondary prompt will allow you the option of permitting Parallels to access your 802.11 WLAN adapter.
For VirtualBox users, you will need to download and install the Oracle VM VirtualBox Extension Pack. This will add support for USB 2.0/3.0 devices, virtual remote desktop protocol, and disk encryption.
In the USB section of your settings, you can configure your peripheral device by adding your WiFi adapter. Simply click on the plus sign. This adds a new USB filter with all fields set to the values of the selected USB device attached to the host PC.
For me, I selected MediaTek Inc. 802.11ac WLAN, which is the chipset used by my MK7AC WiFi adapter.
Next, either click the gear icon on the right or right-click on the name of the WiFi card you added under USB Device Filter and select Edit Filter.
Finally, at the bottom of the window, select the Remote drop-down menu and click Yes. Then click Okay.
Lastly, within your virtual machine, select Devices, scroll down to USB, and select your USB WiFi adapter. You may hear a chime, indicating that the USB device has now been virtually inserted. Now connect to your Wireless network.
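To confirm the passthrough worked, the Linux guest should list the adapter as a wireless device that advertises monitor mode, which 802.11 packet capture relies on. This added example (not part of the original article) parses `iw list` output for that; the function names and the sample output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: confirm, inside the Linux guest, that the passed-through
# adapter is visible to the wireless stack and advertises monitor mode.

# Read `iw list` output on stdin; print each wiphy that lists "monitor"
# under "Supported interface modes".
monitor_capable_phys() {
  awk '
    /^Wiphy /                    { phy = $2; in_modes = 0; next }
    /Supported interface modes:/ { in_modes = 1; next }
    in_modes && /^[ \t]*\* /     { if ($2 == "monitor") print phy; next }
                                 { in_modes = 0 }
  '
}

# Constructed sample of `iw list` output (trimmed): phy0 is managed-only,
# phy1 stands in for a USB adapter that supports monitor mode.
sample_iw_list() {
  cat <<'EOF'
Wiphy phy0
    Supported interface modes:
         * managed
    Band 1:
Wiphy phy1
    Supported interface modes:
         * IBSS
         * managed
         * AP
         * monitor
    Band 1:
        Capabilities: 0x1ff
EOF
}

# On a real guest: iw list | monitor_capable_phys
# An empty result means the USB filter did not attach the adapter, or the
# guest driver does not expose monitor mode.
```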
Always remember to never judge a book by its cover, least of all the power of an Apple Mac.