0x36/ghidra_kernelcache external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

0x36/ghidra_kernelcache

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0x36/ghidra_kernelcache)

Close

0x36 / ghidra_kernelcacheView on GitHubMore

• External links
• Readme badge

a Ghidra framework for iOS kernelcache reverse engineering

☆363Nov 6, 2022Updated 3 years ago

Alternatives and similar repositories for ghidra_kernelcache

Users that are interested in ghidra_kernelcache are comparing it to the libraries listed below

• Siguza / iometa

  View on GitHub
  arm64 IOKit class dumper
  ☆289Jan 5, 2026Updated last month
• bazad / ida_kernelcache

  View on GitHub
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆299Jul 24, 2020Updated 5 years ago
• googleprojectzero / ktrw

  View on GitHub
  An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.
  ☆688Oct 22, 2022Updated 3 years ago
• cellebrite-labs / ida_kernelcache

  View on GitHub
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆109May 15, 2025Updated 9 months ago
• Siguza / libkrw

  View on GitHub
  Lib kernel r/w
  ☆189Nov 1, 2021Updated 4 years ago
• jsherman212 / xnuspy

  View on GitHub
  an iOS kernel function hooking framework for checkra1n'able devices
  ☆582Oct 6, 2021Updated 4 years ago
• 0x36 / oob_events

  View on GitHub
  kernel exploit for Apple iOS 13.X
  ☆185Nov 27, 2020Updated 5 years ago
• 0x36 / weightBufs

  View on GitHub
  ANE kernel r/w exploit for iOS 15 and macOS 12
  ☆302Nov 20, 2022Updated 3 years ago
• cellebrite-labs / ida_kcpp

  View on GitHub
  An IDAPython module for enhancing c++ support on top of ida_kernelcache
  ☆140May 15, 2025Updated 9 months ago
• Siguza / iokit-utils

  View on GitHub
  Dev tools for probing IOKit
  ☆200Sep 23, 2023Updated 2 years ago
• NyanSatan / Virtual-iBoot-Fun

  View on GitHub
  Another Virtualization.framework demo project, with focus to iBoot (WIP)
  ☆176Dec 2, 2023Updated 2 years ago
• evilpenguin / XPCSniffer

  View on GitHub
  Sniff XPC goodies on your iOS device.
  ☆96Nov 14, 2020Updated 5 years ago
• jsherman212 / iomfb-exploit

  View on GitHub
  Exploit for CVE-2021-30807
  ☆132Nov 29, 2021Updated 4 years ago
• lilang-wu / p-joker

  View on GitHub
  p-joker -- iOS/MacOS kernelcache/kexts analysis tool
  ☆111May 18, 2020Updated 5 years ago
• argp / iBoot64helper

  View on GitHub
  IDAPython loader to help with AArch64 iBoot, iBEC, and SecureROM reverse engineering
  ☆262Feb 21, 2022Updated 4 years ago
• Proteas / sep-fw-dyld-cache-loader

  View on GitHub
  IDA loader for SEP firmware with dyld cache support.
  ☆67Aug 22, 2024Updated last year
• blacktop / darwin-xnu-build

  View on GitHub
  XNU kernel, Kernel Collection and CodeQL build scripts
  ☆274Jan 8, 2026Updated last month
• cellebrite-labs / PacXplorer

  View on GitHub
  IDA plugin to find code cross references to virtual functions using PAC codes
  ☆147Mar 16, 2022Updated 3 years ago
• pwn0rz / xnu-build

  View on GitHub
  xnu build script
  ☆71Aug 31, 2023Updated 2 years ago
• cellebrite-labs / sandblaster

  View on GitHub
  Reversing the Apple sandbox
  ☆165Dec 7, 2025Updated 2 months ago
• jakeajames / time_waste

  View on GitHub
  iOS 12.0-13.3 tfp0
  ☆153Nov 16, 2020Updated 5 years ago
• arandomdev / DyldExtractor

  View on GitHub
  Extract Binaries from Apple's Dyld Shared Cache
  ☆469Jan 27, 2025Updated last year
• seemoo-lab / toothpicker

  View on GitHub
  ☆244Sep 21, 2021Updated 4 years ago
• 0x7ff / dimentio

  View on GitHub
  Tool for getting and setting nonce without triggering KPP/KTRR/PAC.
  ☆113Apr 22, 2023Updated 2 years ago
• fmyyss / XNU_KERNEL_RESEARCH

  View on GitHub
  ☆139Feb 17, 2024Updated 2 years ago
• opa334 / sandbox_extension_generator

  View on GitHub
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆132Jun 10, 2022Updated 3 years ago
• zhuowei / HvDecompile

  View on GitHub
  Decompiling macOS Hypervisor.framework by hand
  ☆134Sep 13, 2022Updated 3 years ago
• Proteas / unstripped-ios-kernels

  View on GitHub
  Unstripped iOS Kernels
  ☆219Feb 11, 2020Updated 6 years ago
• jsherman212 / svc_stalker

  View on GitHub
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆159Aug 10, 2021Updated 4 years ago
• DerekSelander / dsc_symbols

  View on GitHub
  symbol dumps of iOS shared caches
  ☆34Oct 15, 2022Updated 3 years ago
• PoomSmart / IDAObjcTypes

  View on GitHub
  A collection of types & functions definitions useful for iOS/macOS binaries analysis.
  ☆389Jul 10, 2025Updated 7 months ago
• malus-security / sandblaster

  View on GitHub
  Reversing the Apple sandbox
  ☆251Apr 24, 2025Updated 10 months ago
• opa334 / Presentations

  View on GitHub
  ☆85May 20, 2025Updated 9 months ago
• Siguza / ios-resources

  View on GitHub
  Useful resources for iOS hacking
  ☆1,889May 24, 2025Updated 9 months ago
• raymontag / chain3

  View on GitHub
  ☆51Jul 20, 2020Updated 5 years ago
• ant4g0nist / ManuFuzzer

  View on GitHub
  Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
  ☆180May 19, 2025Updated 9 months ago
• ReverseApple / gxpc

  View on GitHub
  Sniff XPC communication using Frida and Go
  ☆156Feb 10, 2026Updated 2 weeks ago
• houjingyi233 / macOS-iOS-system-security

  View on GitHub
  Here is some resources about macOS/iOS system security.
  ☆537Feb 19, 2025Updated last year
• galli-leo / emmutaler

  View on GitHub
  A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
  ☆164Sep 18, 2021Updated 4 years ago