diff --git a/Mac/Defense_Evasion/Clear_Command_History.md b/Mac/Defense_Evasion/Clear_Command_History.md
new file mode 100644
index 0000000..a855bf8
--- /dev/null
+++ b/Mac/Defense_Evasion/Clear_Command_History.md
@@ -0,0 +1,20 @@
+# Defense Evasion
+
+MITRE ATT&CK Technique: [T1146](https://attack.mitre.org/wiki/Technique/T1146)
+
+
+## multiple shells
+
+ unset HISTFILE
+
+ export HISTFILESIZE=0
+
+ history -c
+
+## bash
+
+ rm ~/.bash_history
+
+ cat /dev/null > ~/.bash_history
+
+
diff --git a/Mac/Defense_Evasion/Gatekeeper_Bypass.md b/Mac/Defense_Evasion/Gatekeeper_Bypass.md
new file mode 100644
index 0000000..4e447c5
--- /dev/null
+++ b/Mac/Defense_Evasion/Gatekeeper_Bypass.md
@@ -0,0 +1,9 @@
+# Defense Evasion
+
+MITRE ATT&CK Technique: [T1144](https://attack.mitre.org/wiki/Technique/T1144)
+
+
+ sudo xattr -r -d com.apple.quarantine /path/to/MyApp.app
+
+ sudo spctl --master-disable
+