You'll have to be a lot more specific, but I suggest looking at:
1) Metasploit
2) The social engineering toolkit 0.4 (part of Backtrack Linux)
They sort of work together. The social engineering toolkit is designed to trick people into running a malicious java applet. The applet runs a Metasploit payload that gives the attacker full access to the system, then forwards them to a safe page.
Metasploit also has some OS X exploits built in:
osx/afp/loginext average AppleFileServer LoginExt PathName Overflow
osx/arkeia/type77 average Arkeia Backup Client Type 77 Overflow (Mac OS X)
osx/armle/safari_libtiff good iPhone MobileSafari LibTIFF Buffer Overflow
osx/browser/safari_libtiff good iPhone MobileSafari LibTIFF Buffer Overflow
osx/browser/safari_metadata_archive excellent Safari Archive Metadata Command Execution
osx/browser/software_update excellent Apple OS X Software Update Command Execution
osx/email/mailapp_image_exec excellent Mail.app Image Attachment Command Execution
osx/email/mobilemail_libtiff good iPhone MobileMail LibTIFF Buffer Overflow
osx/ftp/webstar_ftp_user average WebSTAR FTP Server USER Overflow
osx/mdns/upnp_location average Mac OS X mDNSResponder UPnP Location Overflow
osx/rtsp/quicktime_rtsp_content_type average MacOS X QuickTime RTSP Content-Type Overflow
osx/samba/lsa_transnames_heap average Samba lsa_io_trans_names Heap Overflow
osx/samba/trans2open great Samba trans2open Overflow (Mac OS X)
