Alternatives and similar repositories for xnu

Users that are interested in xnu are comparing it to the libraries listed below

• jzdziarski / kernelresolver
  macOS Private KPI Symbol Resolver
  ☆49Updated 8 years ago
• GeoSn0w / hspGuard
  Checks macOS for Kernel Task Port. It may help detect intrusive kexts that would leak the kernel task.
  ☆23Updated 2 years ago
• Siguza / hsp4
  macOS kext for host_special_port(4) patch
  ☆89Updated last year
• lite / osxrce
  ☆26Updated 14 years ago
• knightsc / EnterDebugger
  A kext to facilitate calling PE_enter_debugger on machines that don't respect Cmd-Ctrl-Opt-Shift-Esc
  ☆15Updated 7 years ago
• xerub / macho
  Dealing with Mach-O kexts, vtables and more
  ☆86Updated 6 years ago
• xerub / kexty
  iOS KEXT loader 7.x-9.x
  ☆95Updated 8 years ago
• userlandkernel / USBusted
  Research on Apple's USB protocols
  ☆31Updated 5 years ago
• xerub / reexport
  Reexport symbols for Mach-O and ELF
  ☆38Updated 7 years ago
• steven-michaud / SandboxMirror
  Tool for reverse-engineering Apple's sandbox
  ☆59Updated 8 years ago
• Proteas / ios13-sandbox-profile-format
  Binary Format of iOS 13 Sandbox Profile Collection
  ☆51Updated 5 years ago
• gdbinit / bruteforcesysent
  Small util to discover OS X sysent via bruteforce
  ☆33Updated 9 years ago
• slavaim / MacOSX-IOKit-Hooker
  A macOS IOKit objects hooker
  ☆88Updated 8 years ago
• bazad / devicetree-parse
  A tool to parse Apple's binary device tree format.
  ☆56Updated 5 years ago
• GeoSn0w / MachDump
  A very basic C Mach-O Header Dump tool written for practicing purposes. Works With x86 and x86_64 binaries
  ☆38Updated 2 years ago
• Jailbreaks / empty_list
  empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r/w
  ☆19Updated 7 years ago
• bazad / threadexec
  A library to execute code in the context of other processes on iOS 11.
  ☆82Updated 7 years ago
• Siguza / tbdump
  Utility to create tbd's off dylibs
  ☆78Updated 4 years ago
• bazad / ctl_ctloutput-leak
  CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.
  ☆27Updated 7 years ago
• 0x7ff / maphys
  Accessing physical memory on iOS.
  ☆51Updated 4 years ago
• mrmacete / r2-ios-kernelcache
  Radare2 plugin to parse modern iOS 64-bit kernel caches
  ☆29Updated 6 years ago
• leiless / ksymresolver
  XNU kernel symbol resolver(kernel extension)
  ☆12Updated 6 years ago
• Haifisch / kuzz
  ios iokit fuzzer (really probably isn't that useful anymore tbh)
  ☆62Updated 8 years ago
• cocoahuke / iosdumpkernelfix
  This tool will help to fix the Mach-O header of iOS kernel which dump from the memory. So that IDA or function symbol-related tools can l…
  ☆23Updated 8 years ago
• saagarjha / macOSSandboxInitializationBypass
  App sandbox escapes for macOS
  ☆31Updated 5 years ago
• kpwn / rapd2
  simple radare2 rap:// server
  ☆25Updated 8 years ago
• zhuowei / dsc_extractor_badly
  Modifications to Apple's dsc_extractor to fix ObjC selector names. You don't need this.
  ☆43Updated 7 years ago
• cocoahuke / ioskextdump_ios10
  iOS10~iOS13 Edition) Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory. The disassembly framew…
  ☆21Updated 3 years ago
• nologic / machshark
  Sniffing on port messages
  ☆28Updated 8 years ago
• nologic / xnu_macho_loader
  xnu-10.10 mach-o loader that compiles in userland
  ☆19Updated 10 years ago