I wrote a tool that dumps a specific section from a remote mach-o based process to a file.
However, after upgrading to El Capitan (10.11), it no longer works due to the SIP feature that prevents me from using task_for_pid. This is intended to prevent code injection to remote signed processes.
However, I only need it for reading the remote process' memory space. Perhaps there exists some sort of alternative for the following code to work on 10.11?
task_for_pid(mach_task_self(), pid, &target);
mach_vm_read(target, virtual_offset, xfer_vmsize, &local_address, &local_size);