0x7ff / maphys

Related projects ⓘ

Alternatives and complementary repositories for maphys

• userlandkernel / USBusted
  Research on Apple's USB protocols
  ☆29Updated 4 years ago
• 0x7ff / vtable
  A tool for reversing IOKit classes from the iOS 12's new kernelcache format.
  ☆23Updated 6 years ago
• 0x7ff / iBootMaybeDumper
  See https://github.com/0x7ff/iBootMaybeDumper/issues/1#issuecomment-426731516 for more info.
  ☆19Updated 6 years ago
• jakeajames / kernelSymbolFinder
  Get kernel symbols on device. No jailbreak required (note: unslid addresses)
  ☆26Updated 6 years ago
• shinvou / decrypt0r
  Automatically download and decrypt SecureRom stuff (iBSS, iBEC, iBoot, etc.) for all iOS versions available.
  ☆50Updated 4 years ago
• Siguza / misc
  ☆35Updated last year
• tihmstar / powend
  powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices
  ☆16Updated 5 years ago
• Haifisch / kuzz
  ios iokit fuzzer (really probably isn't that useful anymore tbh)
  ☆60Updated 7 years ago
• Jailbreaks / empty_list
  empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r/w
  ☆19Updated 6 years ago
• Siguza / ios-scripts
  iOS-related command line goodies
  ☆52Updated 5 years ago
• MTJailed / XNU-Kernel-Fuzzer
  A fuzzer for the iOS kernel and userland
  ☆44Updated 6 years ago
• Proteas / ios-class-tree
  ios kernel class tree
  ☆23Updated 5 years ago
• Proteas / ios13-sandbox-profile-format
  Binary Format of iOS 13 Sandbox Profile Collection
  ☆50Updated 5 years ago
• matteyeux / srom64helper
  use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced
  ☆32Updated 5 years ago
• 0x7ff / kextract
  A tool for extracting kernel extensions from the iOS 12's new kernelcache format.
  ☆12Updated 6 years ago
• tihmstar / kdp.py
  crappy "debugger"-like memory reader, to inspect 32bit ios kernel after it paniced
  ☆15Updated 5 years ago
• xerub / ibex64
  iBoot64 Payload Development Toolkit
  ☆42Updated 7 years ago
• bazad / launchd-portrep
  CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.
  ☆58Updated 6 years ago
• OpenJailbreak / sudochop
  iOS Userland Forensic Dumping Framework for iOS 7/8
  ☆18Updated 6 years ago
• freedomtan / iOS-device-tree-dump
  Dump non-encrypted iOS device tree extracted from im4p
  ☆40Updated 2 years ago
• xerub / patchfinder64
  iOS ARM64 kernel patchfinder
  ☆74Updated 5 years ago
• jsherman212 / iosdbg
  experimental iOS debugger
  ☆24Updated 4 years ago
• bazad / presentations
  Slides from my conference presentations.
  ☆79Updated 4 years ago
• xerub / ibex
  iBoot Payload Development Toolkit
  ☆40Updated 7 years ago
• GeoSn0w / MachDump
  A very basic C Mach-O Header Dump tool written for practicing purposes. Works With x86 and x86_64 binaries
  ☆36Updated last year
• in7egral / ios-jailbreak-patchfinder64
  Analyzes a binary iOS kernel to determine function offsets and where to apply the canonical jailbreak patches.
  ☆65Updated 7 years ago
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆66Updated last year
• tjkr0wn / xnu_gym
  xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…
  ☆55Updated 3 years ago