cellebrite-labs/sandblaster

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cellebrite-labs/sandblaster)

cellebrite-labs / sandblaster

Reversing the Apple sandbox

☆175

Alternatives and similar repositories for sandblaster

Users that are interested in sandblaster are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

ReverseApple / gxpc
View on GitHub
Sniff XPC communication using Frida and Go
☆158Feb 10, 2026Updated last month
blacktop / yardens-sb-profs
View on GitHub
Output from running Yarden's sandblaster on an iPhone15,2's iOS17 kernelcaches
☆18Aug 7, 2024Updated last year
cellebrite-labs / ida_kernelcache
View on GitHub
An IDA Toolkit for analyzing iOS kernelcaches.
☆112May 15, 2025Updated 10 months ago
skr0x1c0 / binja_kc
View on GitHub
Plugin for loading MachO kernelcache and dSYM files to Binary Ninja
☆40Mar 23, 2025Updated last year
m1stadev / apple-compress
View on GitHub
Python bindings for Apple's libcompression.
☆15Updated this week
End-to-end encrypted email - Proton Mail • Ad
Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
cellebrite-labs / ida_kcpp
View on GitHub
An IDAPython module for enhancing c++ support on top of ida_kernelcache
☆141May 15, 2025Updated 10 months ago
cellebrite-labs / PPLorer
View on GitHub
IDA plugin that resolves PPL calls to the actual underlying PPL function.
☆56Feb 28, 2023Updated 3 years ago
ChiChou / XpcScope
View on GitHub
Yet another xpc sniffer
☆215Feb 15, 2026Updated last month
alfiecg24 / KextRW
View on GitHub
macOS kext with kernel R/W, kalloc and kcall
☆108Jun 21, 2025Updated 9 months ago
blacktop / darwin-xnu-build
View on GitHub
XNU kernel, Kernel Collection and CodeQL build scripts
☆284Mar 3, 2026Updated 3 weeks ago
0xilis / libNeoAppleArchive
View on GitHub
Cross-compat library for parsing Apple Archive + Apple Encrypted Archive (.aar/.yaa/.aea).
☆35Jun 17, 2025Updated 9 months ago
fmyyss / XNU_KERNEL_RESEARCH
View on GitHub
☆140Feb 17, 2024Updated 2 years ago
CRKatri / trustcache
View on GitHub
Interact with trustcaches
☆42Feb 12, 2023Updated 3 years ago
Siguza / IOKernelRW
View on GitHub
Insecurity as an IOService
☆96Mar 25, 2025Updated last year
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
alfiecg24 / Trigon
View on GitHub
Deterministic kernel exploit based on CVE-2023-32434.
☆127Aug 7, 2025Updated 7 months ago
wangtielei / POCs
View on GitHub
☆126Aug 3, 2024Updated last year
doronz88 / swift_reversing
View on GitHub
My ongoing primer on reversing Swift
☆117Sep 11, 2025Updated 6 months ago
DerekSelander / dsc_symbols
View on GitHub
symbol dumps of iOS shared caches
☆34Oct 15, 2022Updated 3 years ago
jeffssh / CVE-2021-30860
View on GitHub
Collection of materials relating to FORCEDENTRY
☆100Mar 30, 2024Updated last year
0x3c3e / pocs
View on GitHub
My collection of PoCs
☆26Nov 9, 2023Updated 2 years ago
opa334 / sandbox_extension_generator
View on GitHub
iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
☆132Jun 10, 2022Updated 3 years ago
jprx / CVE-2024-27815
View on GitHub
macOS/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3)
☆49Jul 18, 2025Updated 8 months ago
EthanArbuckle / objfind
View on GitHub
Search running processes on iOS for instances of a given objc class.
☆55Jan 3, 2025Updated last year
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
Cisco-Talos / snap_wtf_macos
View on GitHub
WTF Snapshot fuzzing of macOS targets
☆98May 31, 2024Updated last year
justtryingthingsout / sepsplit-rs
View on GitHub
SEP firmware splitter, made in rust.
☆45Oct 11, 2024Updated last year
malus-security / sandblaster
View on GitHub
Reversing the Apple sandbox
☆257Apr 24, 2025Updated 11 months ago
EthanArbuckle / oslo
View on GitHub
iOS `os_log` viewer that supports both real-time and archived logs
☆32May 5, 2025Updated 10 months ago
0x36 / ghidra_kernelcache
View on GitHub
a Ghidra framework for iOS kernelcache reverse engineering
☆364Nov 6, 2022Updated 3 years ago
antoniozekic / Proof-of-concepts
View on GitHub
☆29Apr 7, 2023Updated 2 years ago
cellebrite-labs / PacXplorer
View on GitHub
IDA plugin to find code cross references to virtual functions using PAC codes
☆147Mar 16, 2022Updated 4 years ago
blacktop / go-hypervisor
View on GitHub
Apple Hypervisor.framework bindings for Golang
☆36Jan 12, 2026Updated 2 months ago
tony-go / snixpc
View on GitHub
XPC sniffer using LLDB
☆50Oct 3, 2024Updated last year
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
0x36 / weightBufs
View on GitHub
ANE kernel r/w exploit for iOS 15 and macOS 12
☆303Nov 20, 2022Updated 3 years ago
DragonBuild / sdk-builder
View on GitHub
iOS automated SDK builder
☆18Feb 26, 2024Updated 2 years ago
ReverseApple / inject_aarch64
View on GitHub
arm64 and arm64e dylib injector
☆41Feb 6, 2024Updated 2 years ago
ReverseApple / PrivateFrameworks
View on GitHub
Linking against PrivateFrameworks on macOS.
☆21Oct 28, 2021Updated 4 years ago
Siguza / aea1
View on GitHub
AEA metadata dumper
☆49May 15, 2025Updated 10 months ago
Siguza / iokit-utils
View on GitHub
Dev tools for probing IOKit
☆202Sep 23, 2023Updated 2 years ago
DerekSelander / dynadump
View on GitHub
A runtime ObjC class-dump
☆78Dec 20, 2024Updated last year