Alternatives and similar repositories for KextRW:

Users that are interested in KextRW are comparing it to the libraries listed below

• Proteas / a7-sep-bug
  a7 sep bug
  ☆53Updated last year
• Proteas / sep-fw-dyld-cache-loader
  IDA loader for SEP firmware with dyld cache support.
  ☆57Updated 8 months ago
• alfiecg24 / Trigon
  Deterministic kernel exploit based on CVE-2023-32434.
  ☆75Updated last month
• opa334 / Presentations
  ☆71Updated 11 months ago
• pwn0rz / xnu-build
  xnu build script
  ☆71Updated last year
• Siguza / IOKernelRW
  Insecurity as an IOService
  ☆88Updated last month
• alfiecg24 / Vertex
  iOS 14 kernel exploit based on PhysPuppet
  ☆62Updated 7 months ago
• blacktop / symbolicator
  `ipsw` symbolication signatures
  ☆62Updated last month
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆73Updated 2 years ago
• jonpalmisc / respawn
  Experimentation environment for checkm8-vulnerable devices
  ☆53Updated last year
• Siguza / aea1
  AEA metadata dumper
  ☆46Updated 9 months ago
• ChiChou / ios-debug.py
  Shortcut to automate your iproxy, debugserver, lldb workflow
  ☆39Updated 5 months ago
• EthanArbuckle / objfind
  Search running processes on iOS for instances of a given objc class.
  ☆47Updated 4 months ago
• ifpdz / CVE-2025-24104
  ☆35Updated 2 months ago
• CRKatri / trustcache
  Interact with trustcaches
  ☆41Updated 2 years ago
• haiyuidesu / sephelper
  IDA loader to help with SEPROM reverse engineering.
  ☆33Updated 4 months ago
• jsherman212 / ktrw
  An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.
  ☆57Updated 3 years ago
• felix-pb / remote_pocs
  Some old unexploited remote kernel memory corruption PoCs
  ☆24Updated 8 months ago
• aemmitt-ns / funtime
  Objective-C runtime tracing tool
  ☆41Updated last year
• opa334 / xnuspy_syscall_logger
  Log all syscalls executed by a process (iOS / checkra1n / xnuspy)
  ☆63Updated 2 years ago
• blacktop / ipsw-py
  A Python library for the ipsw daemon API
  ☆24Updated last year
• citruz / pongoOS-QEMU
  Fork of PongoOS which can be run in QEMU
  ☆66Updated 3 years ago
• Billy-Ellis / aslr-kernel-patch
  Tool to patch the ASLR slide generation in the kernel to disable user-land ASLR on 32-bit iOS
  ☆34Updated 4 years ago
• Muirey03 / CVE-2022-42864
  Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition
  ☆67Updated 2 years ago
• 0cyn / iBoot-IDA
  32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
  ☆74Updated 3 years ago
• matteyeux / ida-iboot-loader
  IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
  ☆153Updated 6 months ago
• mwpcheung / AppleSEPFirmware
  Apple SEP reverse
  ☆52Updated 5 years ago
• 34306 / IOSurface_poc18
  App with PoC of CVE-2024-44285
  ☆42Updated 5 months ago
• cellebrite-labs / ida_kernelcache
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆108Updated last year
• iOSForensics / pyimg4
  A python lib for manipulating IMG4, IM4M and IM4P files
  ☆12Updated last year