iBoot-1145.3 Image3/heap stack RE (+unholy tools)
☆84Feb 10, 2024Updated 2 years ago
Alternatives and similar repositories for Image3RE
Users that are interested in Image3RE are comparing it to the libraries listed below
Sorting:
- iBoot/SecureROM Loader☆34Feb 24, 2023Updated 3 years ago
- Plugin for loading MachO kernelcache and dSYM files to Binary Ninja☆40Mar 23, 2025Updated 11 months ago
- Writes to nand_llb and triggers the Image3 SHSH overlap bug☆14Dec 2, 2023Updated 2 years ago
- iOS 5.x iBoot fun for the whole family!☆43Apr 23, 2020Updated 5 years ago
- Another Virtualization.framework demo project, with focus to iBoot (WIP)☆176Dec 2, 2023Updated 2 years ago
- SEP firmware splitter, made in rust.☆45Oct 11, 2024Updated last year
- port of checkm8 to C☆139Jun 14, 2024Updated last year
- Binary Ninja loader for 64 bits Apple SEPROMs☆58Sep 7, 2025Updated 5 months ago
- Boot arbitrary iBoot via ipwndfu's custom protocol on 32-bit platforms (and more)☆65Dec 21, 2025Updated 2 months ago
- Exploit for CVE-2021-30807☆132Nov 29, 2021Updated 4 years ago
- ☆39Feb 10, 2021Updated 5 years ago
- iBoot/SEPOS decryption kit for JTAGgable iOS device prototypes☆133Feb 23, 2026Updated last week
- A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.☆164Sep 18, 2021Updated 4 years ago
- Small binja plugin to import header file to types☆18Nov 11, 2022Updated 3 years ago
- Mach-O view plugin☆20Mar 7, 2024Updated last year
- IDA loader for SEP firmware with dyld cache support.☆67Aug 22, 2024Updated last year
- Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja☆54Jan 25, 2024Updated 2 years ago
- Spice - an unfinished iOS 11 untether☆112Oct 16, 2021Updated 4 years ago
- An *OS bootchain patching library.☆15Feb 23, 2026Updated last week
- An IDA Toolkit for analyzing iOS kernelcaches.☆110May 15, 2025Updated 9 months ago
- IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter☆161Nov 2, 2024Updated last year
- Golang bindings for the Binary Ninja Arm64 Disassembler.☆14Nov 24, 2025Updated 3 months ago
- Unicorn Engine based running of SecureROM☆11Sep 13, 2022Updated 3 years ago
- ☆15Oct 27, 2022Updated 3 years ago
- Tool to patch the ASLR slide generation in the kernel to disable user-land ASLR on 32-bit iOS☆31Dec 6, 2020Updated 5 years ago
- Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6☆96Jul 21, 2022Updated 3 years ago
- ☆22Oct 27, 2022Updated 3 years ago
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC.☆113Apr 22, 2023Updated 2 years ago
- ☆14Mar 27, 2023Updated 2 years ago
- Slides from my conference presentations.☆80Aug 5, 2020Updated 5 years ago
- use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced☆33Sep 2, 2019Updated 6 years ago
- GUI for kloader/multi_kloader in the spirit of old classic Setup.app☆29Jan 1, 2025Updated last year
- Binary Ninja loader for A12 SEP firmware☆29Feb 4, 2021Updated 5 years ago
- Host your own *OS Entitlement Database☆54Oct 23, 2025Updated 4 months ago
- Apple Hypervisor.framework bindings for Golang☆35Jan 12, 2026Updated last month
- some research results of sep☆20Apr 9, 2021Updated 4 years ago
- A tool to download and decrypt a 64 bits iOS firmware images written in Rust☆45Jan 6, 2024Updated 2 years ago
- untethered+unsandboxed code execution in iOS 11☆189Feb 16, 2020Updated 6 years ago
- A tool to find gadgets in the iOS kernelcache.☆33Jun 20, 2018Updated 7 years ago