Lockdown related research, tools and POCs.
☆90May 18, 2019Updated 6 years ago
Alternatives and similar repositories for lockdownd_playground
Users that are interested in lockdownd_playground are comparing it to the libraries listed below
Sorting:
- ☆32Apr 22, 2019Updated 6 years ago
- An iOS kernel exploit for iOS 11 through 12.1.2. Non-SMAP (<=A9) devices only.☆80Apr 30, 2019Updated 6 years ago
- ios kernel class tree☆23May 30, 2019Updated 6 years ago
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices☆110Mar 28, 2019Updated 6 years ago
- Unstripped iOS kernel extensions and more. More coming soon.☆59Feb 18, 2020Updated 6 years ago
- a kernel information leak on macOS<= 10.14.4☆10May 24, 2019Updated 6 years ago
- Binary Format of iOS 13 Sandbox Profile Collection☆52Oct 30, 2019Updated 6 years ago
- Accessing physical memory on iOS.☆52Sep 21, 2020Updated 5 years ago
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices☆17May 21, 2019Updated 6 years ago
- An old, ugly and deprecated script to download, decrypt and upload .ipa files to appdb. Check out the new one: https://github.com/n3d1117…☆15Mar 5, 2018Updated 8 years ago
- Give me tfp0, I give you jelbrek☆260Oct 28, 2020Updated 5 years ago
- CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.☆59Oct 28, 2018Updated 7 years ago
- untethered+unsandboxed code execution in iOS 11☆189Feb 16, 2020Updated 6 years ago
- getf tfp0 on iOS 12.0 - 12.1.2☆65Feb 15, 2019Updated 7 years ago
- IDAPython loader to help with AArch64 iBoot, iBEC, and SecureROM reverse engineering☆262Feb 21, 2022Updated 4 years ago
- Collection of (at time of release) iOS bugs I found☆56Jan 28, 2020Updated 6 years ago
- iOS 10.0-12.2 tfp0☆131Sep 3, 2019Updated 6 years ago
- just a kernelgrabber, for those who can't reach out of sandbox☆18Feb 24, 2024Updated 2 years ago
- Unstripped iOS Kernels☆219Feb 11, 2020Updated 6 years ago
- iOS ARM64 kernel patchfinder☆78Aug 23, 2019Updated 6 years ago
- getf tfp0 on iOS 11.2 - 11.4.1☆68Feb 7, 2019Updated 7 years ago
- iOS 12.0-13.3 tfp0☆153Nov 16, 2020Updated 5 years ago
- some research results of sep☆20Apr 9, 2021Updated 4 years ago
- A tool for extracting kernel extensions from the iOS 12's new kernelcache format.☆13Aug 2, 2018Updated 7 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆299Jul 24, 2020Updated 5 years ago
- An iOS kernel exploit for iOS 11 through 12.1.2. Works on A7 - A11 devices.☆103Mar 16, 2019Updated 6 years ago
- ☆20May 24, 2021Updated 4 years ago
- use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced☆33Sep 2, 2019Updated 6 years ago
- PoC☆212Jan 13, 2025Updated last year
- This repo contains Writeups for the 35C3CTF.☆48Jan 4, 2019Updated 7 years ago
- call functions in a remote process using Mach API☆106Mar 19, 2025Updated 11 months ago
- macOS kext for host_special_port(4) patch☆90Nov 13, 2023Updated 2 years ago
- Demo: Anti Anti-Debug in iOS Kernel☆74Nov 29, 2017Updated 8 years ago
- ☆37Jun 7, 2019Updated 6 years ago
- IDA plugin to find code cross references to virtual functions using PAC codes☆147Mar 16, 2022Updated 3 years ago
- PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio☆78Oct 31, 2018Updated 7 years ago
- Dev tools for probing IOKit☆200Sep 23, 2023Updated 2 years ago
- Automatically download and decrypt SecureRom stuff (iBSS, iBEC, iBoot, etc.) for all iOS versions available.☆52Dec 4, 2019Updated 6 years ago
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC.☆113Apr 22, 2023Updated 2 years ago