In 2026, initial access is harder than ever. Smartscreen, modern EDRs, and OS-level protections have turned yesterday’s techniques into instant alerts.
On MacOS, the challenge is even greater. The attack surface is small, the restrictions are aggressive, and most traditional delivery methods simply fail.
In this talk, I’ll walk through initial access techniques that still work in 2026 — what survives modern defenses, what no longer does, and why. I’ll break down the advantages, limitations, and trade-offs of each approach.
Finally, I’ll share selected techniques from our private research showing how attackers can still navigate and evade OS-level restrictions in real-world red team operations.
Presentation will be held by Emeric Nasi. Emeric is a french cybersecurity researcher and the founder of BallisKit. He is passionate about all infosec subject, and his main research interests are mitigation bypass, malware writing, and exploit weaponization. He have been speaker at several conferences and published about topics such as EDR Evasion, protection bypasses, Initial Access, Linux and Windows security, etc. He is now focused on R&D for RedTeams and are author of MacroPack Pro and ShellcodePack.
If you’re responsible for securing your systems, this is a talk you don’t want to miss!