Mapping physical memory to user space (EL0) on iOS.
☆75 · Jan 3, 2023 · Updated 3 years ago
Alternatives and similar repositories for golb
Users that are interested in golb are comparing it to the libraries listed below.
- Accessing physical memory on iOS. ☆52 · Sep 21, 2020 · Updated 5 years ago
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC. ☆113 · Apr 22, 2023 · Updated 2 years ago
- Fun with iOS ☆13 · Aug 3, 2013 · Updated 12 years ago
- A tool for listing/reversing XPC services inside container sandbox. Reference: https://www.blackhat.com/docs/us-15/materials/us-15-Wang-R… ☆22 · Sep 6, 2018 · Updated 7 years ago
- See https://github.com/0x7ff/iBootMaybeDumper/issues/1#issuecomment-426731516 for more info. ☆21 · Sep 6, 2018 · Updated 7 years ago
- A tool for reversing IOKit classes from the iOS 12's new kernelcache format. ☆23 · Aug 2, 2018 · Updated 7 years ago
- An old, ugly and deprecated script to download, decrypt and upload .ipa files to appdb. Check out the new one: https://github.com/n3d1117… ☆15 · Mar 5, 2018 · Updated 8 years ago
- load iOS12 kernelcaches and PAC code in IDA ☆60 · Oct 4, 2018 · Updated 7 years ago
- PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio ☆78 · Oct 31, 2018 · Updated 7 years ago
- App with PoC of CVE-2024-44285 ☆43 · Nov 30, 2024 · Updated last year
- iOS ARM64 kernel patchfinder ☆16 · Jul 1, 2019 · Updated 6 years ago
- Unstripped iOS kernel extensions and more. More coming soon. ☆59 · Feb 18, 2020 · Updated 6 years ago
- Open source version of Apple's restored_external on the iPhone restore ramdisk ☆15 · Jun 2, 2010 · Updated 15 years ago
- Lockdown related research, tools and POCs. ☆90 · May 18, 2019 · Updated 6 years ago
- A tool for extracting kernel extensions from the iOS 12's new kernelcache format. ☆13 · Aug 2, 2018 · Updated 7 years ago
- I hate this iPad 2 ☆10 · Oct 13, 2013 · Updated 12 years ago
- Python scripts for iOS stuff ☆31 · Oct 21, 2020 · Updated 5 years ago
- A pre-jailbreak library for devices running iOS 12 - 14. ☆44 · Dec 31, 2024 · Updated last year
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices ☆17 · May 21, 2019 · Updated 6 years ago
- a kernel information leak on macOS<= 10.14.4 ☆10 · May 24, 2019 · Updated 6 years ago
- iBoot/SEPOS decryption kit for JTAGgable iOS device prototypes ☆135 · Feb 23, 2026 · Updated last month
- A custom shellcode hook for checkra1n 0.1337 written in c! ☆35 · Dec 20, 2023 · Updated 2 years ago
- Experimentation environment for checkm8-vulnerable devices ☆57 · Dec 30, 2023 · Updated 2 years ago
- mount tool for Darwin's bindfs (only tested on iOS) ☆14 · Sep 16, 2021 · Updated 4 years ago
- 64-bit iOS boot image patcher written in C ☆146 · Sep 18, 2022 · Updated 3 years ago
- Apple Hypervisor.framework bindings for Golang ☆36 · Jan 12, 2026 · Updated 2 months ago
- untethered+unsandboxed code execution in iOS 11 ☆189 · Feb 16, 2020 · Updated 6 years ago
- 32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA. ☆73 · Mar 2, 2022 · Updated 4 years ago
- iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives ☆132 · Jun 10, 2022 · Updated 3 years ago
- Collection of my bugs and CVE, with PoC or writeup ☆58 · Mar 11, 2026 · Updated last week
- A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3 ☆149 · Feb 21, 2026 · Updated last month
- Lib kernel r/w ☆190 · Nov 1, 2021 · Updated 4 years ago
- An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro. ☆61 · May 20, 2021 · Updated 4 years ago
- call functions in a remote process using Mach API ☆106 · Mar 19, 2025 · Updated last year
- Transform any ARM macho executable to a dynamic library ☆77 · Aug 24, 2022 · Updated 3 years ago
- ☆26 · May 19, 2022 · Updated 3 years ago
- ☆20 · May 24, 2021 · Updated 4 years ago
- Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6 ☆96 · Jul 21, 2022 · Updated 3 years ago
- Writes to nand_llb and triggers the Image3 SHSH overlap bug ☆14 · Dec 2, 2023 · Updated 2 years ago