A curated list of public TEE resources for learning how to reverse-engineer and achieve trusted code execution on ARM devices
☆973Jan 7, 2026Updated 2 months ago
Alternatives and similar repositories for TEE-reversing
Users that are interested in TEE-reversing are comparing it to the libraries listed below
Sorting:
- Reverse-engineering tools and exploits for Samsung's implementation of TrustZone☆158Dec 16, 2019Updated 6 years ago
- Nailgun attack on ARM devices.☆165May 13, 2021Updated 4 years ago
- This repository contains the code for a fuzzing prototype for the OP-TEE system call interface using AFL.☆141Aug 12, 2021Updated 4 years ago
- Android Kernel Exploitation☆639Feb 13, 2022Updated 4 years ago
- A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer☆344Aug 23, 2019Updated 6 years ago
- Some tee/trustzone helper stuff☆55Sep 29, 2019Updated 6 years ago
- This experimetal fuzzer is meant to be used for API in-memory fuzzing.☆580Jun 22, 2020Updated 5 years ago
- Android 14 kernel exploit for Pixel7/8 Pro☆543Apr 23, 2024Updated last year
- A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)☆1,692Updated this week
- ☆330Jun 20, 2024Updated last year
- Exploit code for CVE-2021-1961☆121Sep 7, 2022Updated 3 years ago
- Emulation and Feedback Fuzzing of Firmware with Memory Sanitization☆165Jun 26, 2021Updated 4 years ago
- A Coverage Explorer for Reverse Engineers☆2,509Feb 14, 2026Updated 3 weeks ago
- some vul☆790Apr 25, 2025Updated 10 months ago
- baseband security research☆84Apr 7, 2021Updated 4 years ago
- A Dynamic Binary Instrumentation framework based on LLVM.☆1,739Feb 20, 2026Updated 2 weeks ago
- A collection of links related to Linux kernel security and exploitation☆6,368Updated this week
- A portable utility to locate android binder service☆99Sep 28, 2019Updated 6 years ago
- A Collection of Chrome Sandbox Escape POCs/Exploits for learning☆859Jun 4, 2020Updated 5 years ago
- Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging☆457Feb 7, 2024Updated 2 years ago
- EMUX Firmware Emulation Framework (formerly ARMX)☆843Aug 22, 2025Updated 6 months ago
- Tiny cute emulator plugin for IDA based on unicorn.☆1,228Aug 13, 2024Updated last year
- Android/Linux vmlinux loader☆354Nov 18, 2023Updated 2 years ago
- ☆286Apr 23, 2020Updated 5 years ago
- Fuzzing harness for testing proprietary image codecs supported by Skia on Android☆356Jan 10, 2021Updated 5 years ago
- Fuzzing the Kernel Using Unicornafl and AFL++☆305Jan 2, 2023Updated 3 years ago
- ☆135Aug 4, 2022Updated 3 years ago
- DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables☆215Sep 17, 2021Updated 4 years ago
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆443Apr 11, 2025Updated 10 months ago
- FirmWire is a full-system baseband firmware emulation platform for fuzzing, debugging, and root-cause analysis of smartphone baseband fir…☆844Jan 5, 2026Updated 2 months ago
- An IDA file loader for Mobicore trustlet and driver binaries☆60Jan 21, 2020Updated 6 years ago
- Karta - source code assisted fast binary matching plugin for IDA☆903May 13, 2023Updated 2 years ago
- Collection of scripts for reversing Qualcomm Hexagon baseband / modem firmware☆181Jul 13, 2023Updated 2 years ago
- Project Zero Docs and Tools☆842Feb 4, 2026Updated last month
- Raw binary firmware analysis software☆567Jun 6, 2024Updated last year
- A Trace Explorer for Reverse Engineers☆1,525Oct 23, 2023Updated 2 years ago
- QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.☆350Jul 30, 2024Updated last year
- A True Instrumentable Binary Emulation Framework☆5,834Nov 5, 2025Updated 4 months ago
- A list of my CVE's with POCs☆682Dec 15, 2020Updated 5 years ago