cellebrite-labs/sandblaster

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cellebrite-labs/sandblaster)

cellebrite-labs / sandblaster

Reversing the Apple sandbox

☆189

Alternatives and similar repositories for sandblaster

Users that are interested in sandblaster are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

ReverseApple / gxpc
View on GitHub
Sniff XPC communication using Frida and Go
☆161Feb 10, 2026Updated 4 months ago
blacktop / yardens-sb-profs
View on GitHub
Output from running Yarden's sandblaster on an iPhone15,2's iOS17 kernelcaches
☆19Aug 7, 2024Updated last year
cellebrite-labs / ida_kernelcache
View on GitHub
An IDA Toolkit for analyzing iOS kernelcaches.
☆114May 15, 2025Updated last year
skr0x1c0 / binja_kc
View on GitHub
Plugin for loading MachO kernelcache and dSYM files to Binary Ninja
☆40Mar 23, 2025Updated last year
m1stadev / apple-compress
View on GitHub
Python bindings for Apple's libcompression.
☆15Updated this week
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
cellebrite-labs / ida_kcpp
View on GitHub
An IDAPython module for enhancing c++ support on top of ida_kernelcache
☆142May 15, 2025Updated last year
CRKatri / trustcache
View on GitHub
Interact with trustcaches
☆47Feb 12, 2023Updated 3 years ago
cellebrite-labs / PPLorer
View on GitHub
IDA plugin that resolves PPL calls to the actual underlying PPL function.
☆56Feb 28, 2023Updated 3 years ago
alfiecg24 / KextRW
View on GitHub
macOS kext with kernel R/W, kalloc and kcall
☆106Jun 21, 2025Updated 11 months ago
blacktop / darwin-xnu-build
View on GitHub
XNU kernel, Kernel Collection and CodeQL build scripts
☆297Apr 22, 2026Updated last month
ChiChou / XpcScope
View on GitHub
Yet another xpc sniffer
☆221Feb 15, 2026Updated 4 months ago
0xilis / libNeoAppleArchive
View on GitHub
Cross-compat library for parsing Apple Archive + Apple Encrypted Archive (.aar/.yaa/.aea).
☆37Apr 13, 2026Updated 2 months ago
fmyyss / XNU_KERNEL_RESEARCH
View on GitHub
☆137Feb 17, 2024Updated 2 years ago
Siguza / IOKernelRW
View on GitHub
Insecurity as an IOService
☆96May 28, 2026Updated 2 weeks ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
justtryingthingsout / sepsplit-rs
View on GitHub
SEP firmware splitter, made in rust.
☆49Updated this week
alfiecg24 / Trigon
View on GitHub
Deterministic kernel exploit based on CVE-2023-32434.
☆129May 14, 2026Updated last month
wangtielei / POCs
View on GitHub
☆124Aug 3, 2024Updated last year
doronz88 / swift_reversing
View on GitHub
My ongoing primer on reversing Swift
☆120Jun 1, 2026Updated last week
DerekSelander / dsc_symbols
View on GitHub
symbol dumps of iOS shared caches
☆34Oct 15, 2022Updated 3 years ago
jeffssh / CVE-2021-30860
View on GitHub
Collection of materials relating to FORCEDENTRY
☆100Mar 30, 2024Updated 2 years ago
0x3c3e / pocs
View on GitHub
My collection of PoCs
☆26Nov 9, 2023Updated 2 years ago
jprx / CVE-2024-27815
View on GitHub
macOS/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3)
☆51Jul 18, 2025Updated 10 months ago
opa334 / sandbox_extension_generator
View on GitHub
iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
☆131Jun 10, 2022Updated 4 years ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
EthanArbuckle / objfind
View on GitHub
Search running processes on iOS for instances of a given objc class.
☆55Jan 3, 2025Updated last year
Cisco-Talos / snap_wtf_macos
View on GitHub
WTF Snapshot fuzzing of macOS targets
☆99May 31, 2024Updated 2 years ago
EthanArbuckle / oslo
View on GitHub
iOS `os_log` viewer that supports both real-time and archived logs
☆33May 5, 2025Updated last year
malus-security / sandblaster
View on GitHub
Reversing the Apple sandbox
☆266Apr 24, 2025Updated last year
0x36 / ghidra_kernelcache
View on GitHub
a Ghidra framework for iOS kernelcache reverse engineering
☆367Nov 6, 2022Updated 3 years ago
antoniozekic / Proof-of-concepts
View on GitHub
☆29Apr 7, 2023Updated 3 years ago
cellebrite-labs / PacXplorer
View on GitHub
IDA plugin to find code cross references to virtual functions using PAC codes
☆154May 27, 2026Updated 2 weeks ago
blacktop / go-hypervisor
View on GitHub
Apple Hypervisor.framework bindings for Golang
☆37Jan 12, 2026Updated 5 months ago
tony-go / snixpc
View on GitHub
XPC sniffer using LLDB
☆50Oct 3, 2024Updated last year
Open source password manager - Proton Pass • Ad
Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
0x36 / weightBufs
View on GitHub
ANE kernel r/w exploit for iOS 15 and macOS 12
☆302Nov 20, 2022Updated 3 years ago
DragonBuild / sdk-builder
View on GitHub
iOS automated SDK builder
☆18Feb 26, 2024Updated 2 years ago
arandomdev / DyldExtractor
View on GitHub
Extract Binaries from Apple's Dyld Shared Cache
☆469Jan 27, 2025Updated last year
ReverseApple / inject_aarch64
View on GitHub
arm64 and arm64e dylib injector
☆56Feb 6, 2024Updated 2 years ago
ReverseApple / PrivateFrameworks
View on GitHub
Linking against PrivateFrameworks on macOS.
☆21Oct 28, 2021Updated 4 years ago
Siguza / aea1
View on GitHub
AEA metadata dumper
☆50May 15, 2025Updated last year
Siguza / iokit-utils
View on GitHub
Dev tools for probing IOKit
☆204Sep 23, 2023Updated 2 years ago