Alternatives and similar repositories for KernInfra

Users that are interested in KernInfra are comparing it to the libraries listed below

• NyaMisty / detours_cross
  Cross Platform Hook Library based on Detours
  ☆34Updated last year
• NyaMisty / xnu_bypass
  ☆49Updated 4 years ago
• FFRI / CVE-2025-24204
  PoC and technical details of CVE-2025-24204
  ☆62Updated 2 weeks ago
• nick-botticelli / XNU-syscall-hiding-PoC
  PoC showing a method to hide syscalls on XNU (arm64 macOS and iOS) from static analysis
  ☆27Updated 3 years ago
• EthanArbuckle / objfind
  Search running processes on iOS for instances of a given objc class.
  ☆54Updated 9 months ago
• Lessica / HikariSummer
  Naville's HikariObfuscator for LLVM 12. Under active development. Use with caution.
  ☆55Updated 3 years ago
• doronz88 / ida-scripts
  ☆57Updated last month
• ReverseApple / inject_aarch64
  arm64 and arm64e dylib injector
  ☆36Updated last year
• markie-dev / desc_race_A15
  CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)
  ☆48Updated 3 years ago
• NyaMisty / GhidraIDA
  Ghidra's IDA like experience by @NyaMisty
  ☆44Updated 2 weeks ago
• opa334 / syscallintercept
  an attempt to intercept syscalls for iOS applications that is unfinished and works only partially
  ☆14Updated 5 years ago
• ChiChou / ios-debug.py
  Shortcut to automate your iproxy, debugserver, lldb workflow
  ☆40Updated 11 months ago
• opa334 / Presentations
  ☆80Updated 5 months ago
• pwn0rz / idevicecap
  capture ios device traffic without jailbreak / sip disable
  ☆36Updated 3 years ago
• jjolano / RootBridge
  An iOS developer framework for rootless tweak development.
  ☆31Updated last year
• HikariRebooted / HikariCore
  A fork of Hikari's core obfuscation
  ☆72Updated 4 years ago
• paradiseduo / Anti-Disassembly-On-Arm64
  ☆18Updated 3 years ago
• miticollo / xpc-tracer
  A tracer based on frida for XPC messages in iOS and macOS.
  ☆34Updated 2 years ago
• opa334 / fishhook
  A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
  ☆21Updated 10 months ago
• opa334 / xnuspy_syscall_logger
  Log all syscalls executed by a process (iOS / checkra1n / xnuspy)
  ☆69Updated 3 years ago
• opa334 / sandbox_extension_generator
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆131Updated 3 years ago
• ChiChou / fruity-frida
  Utilities to deploy frida on rootless iOS and more
  ☆124Updated last year
• jjolano / HookKit
  An iOS developer framework for unified hooking methods.
  ☆43Updated last year
• jakeajames / SneakyShot
  Kernel-based method to take screenshots on iOS, works with encrypted videos.
  ☆60Updated 4 years ago
• juliangrtz / frida-iOS-syscall-tracer
  Traces syscalls on iOS via Frida, including Mach syscalls.
  ☆80Updated last week
• coolstar / libhooker-basebins
  Base Binaries for libhooker
  ☆22Updated last year
• robre / frida-scripts
  ☆16Updated 4 years ago
• saeed9321 / SMHookMemory
  iOS Easy Hooking Library
  ☆26Updated 3 years ago
• plus007 / vnodebypass
  vnodebypass using hidePath of jelbrekLib(Jakeashacks) and maphys (0x7ff)
  ☆29Updated 2 years ago
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆73Updated 2 years ago