cellebrite-labs / sandblasterView external linksLinks
Reversing the Apple sandbox
☆159Dec 7, 2025Updated 2 months ago
Alternatives and similar repositories for sandblaster
Users that are interested in sandblaster are comparing it to the libraries listed below
Sorting:
- Sniff XPC communication using Frida and Go☆156Updated this week
- Plugin for loading MachO kernelcache and dSYM files to Binary Ninja☆40Mar 23, 2025Updated 10 months ago
- Python bindings for Apple's libcompression.☆15Updated this week
- An IDAPython module for enhancing c++ support on top of ida_kernelcache☆140May 15, 2025Updated 8 months ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆109May 15, 2025Updated 8 months ago
- Yet another xpc sniffer☆132Aug 12, 2025Updated 6 months ago
- Output from running Yarden's sandblaster on an iPhone15,2's iOS17 kernelcaches☆18Aug 7, 2024Updated last year
- XNU kernel, Kernel Collection and CodeQL build scripts☆269Jan 8, 2026Updated last month
- ☆140Feb 17, 2024Updated last year
- IDA plugin that resolves PPL calls to the actual underlying PPL function.☆56Feb 28, 2023Updated 2 years ago
- iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives☆132Jun 10, 2022Updated 3 years ago
- macOS kext with kernel R/W, kalloc and kcall☆105Jun 21, 2025Updated 7 months ago
- Cross-compat library for parsing Apple Archive + Apple Encrypted Archive (.aar/.yaa/.aea).☆34Jun 17, 2025Updated 7 months ago
- ☆126Aug 3, 2024Updated last year
- Deterministic kernel exploit based on CVE-2023-32434.☆120Aug 7, 2025Updated 6 months ago
- Insecurity as an IOService☆95Mar 25, 2025Updated 10 months ago
- WTF Snapshot fuzzing of macOS targets☆99May 31, 2024Updated last year
- IDA plugin to find code cross references to virtual functions using PAC codes☆147Mar 16, 2022Updated 3 years ago
- Search running processes on iOS for instances of a given objc class.☆55Jan 3, 2025Updated last year
- symbol dumps of iOS shared caches☆34Oct 15, 2022Updated 3 years ago
- Interact with trustcaches☆41Feb 12, 2023Updated 3 years ago
- Collection of materials relating to FORCEDENTRY☆99Mar 30, 2024Updated last year
- Reversing the Apple sandbox☆246Apr 24, 2025Updated 9 months ago
- macOS/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3)☆48Jul 18, 2025Updated 6 months ago
- SEP firmware splitter, made in rust.☆41Oct 11, 2024Updated last year
- iOS `os_log` viewer that supports both real-time and archived logs☆32May 5, 2025Updated 9 months ago
- ANE kernel r/w exploit for iOS 15 and macOS 12☆302Nov 20, 2022Updated 3 years ago
- My ongoing primer on reversing Swift☆117Sep 11, 2025Updated 5 months ago
- AEA metadata dumper☆49May 15, 2025Updated 8 months ago
- a Ghidra framework for iOS kernelcache reverse engineering☆363Nov 6, 2022Updated 3 years ago
- Dev tools for probing IOKit☆201Sep 23, 2023Updated 2 years ago
- XPC sniffer using LLDB☆48Oct 3, 2024Updated last year
- IDA loader for SEP firmware with dyld cache support.☆67Aug 22, 2024Updated last year
- toy project for tracing objc_msgSend☆59Feb 2, 2026Updated last week
- My collection of PoCs☆26Nov 9, 2023Updated 2 years ago
- Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition☆66Jan 20, 2023Updated 3 years ago
- Experimentation environment for checkm8-vulnerable devices☆57Dec 30, 2023Updated 2 years ago
- Fucking Simple Untether for iOS 15-17☆213Dec 20, 2023Updated 2 years ago
- ☆29Apr 7, 2023Updated 2 years ago