felix-pb / remote_pocs
Some old unexploited remote kernel memory corruption PoCs
☆24Updated 7 months ago
Alternatives and similar repositories for remote_pocs:
Users that are interested in remote_pocs are comparing it to the libraries listed below
- IDA loader for SEP firmware with dyld cache support.☆56Updated 7 months ago
- ☆71Updated 10 months ago
- arm64 IOKit class dumper☆18Updated last month
- macOS kext with kernel R/W, kalloc and kcall☆71Updated last week
- a7 sep bug☆53Updated last year
- Shortcut to automate your iproxy, debugserver, lldb workflow☆38Updated 4 months ago
- WebKit/JSC CodeQL Databases☆16Updated last week
- Experimentation environment for checkm8-vulnerable devices☆53Updated last year
- IDA loader to help with SEPROM reverse engineering.☆33Updated 3 months ago
- Interact with trustcaches☆40Updated 2 years ago
- iOS 14 kernel exploit based on PhysPuppet☆60Updated 6 months ago
- Deterministic kernel exploit based on CVE-2023-32434.☆69Updated 3 weeks ago
- A python lib for manipulating IMG4, IM4M and IM4P files☆12Updated last year
- Search running processes on iOS for instances of a given objc class.☆46Updated 3 months ago
- Output from running Yarden's sandblaster on an iPhone15,2's iOS17 kernelcaches☆17Updated 7 months ago
- ☆17Updated 2 years ago
- A Python library for the ipsw daemon API☆23Updated last year
- ☆39Updated 4 years ago
- My collection of PoCs☆26Updated last year
- A tool to call CoreTrust evaluation from userland☆16Updated 11 months ago
- ☆31Updated last month
- A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.☆19Updated 3 months ago
- Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition☆64Updated 2 years ago
- `ipsw` symbolication signatures☆61Updated this week
- Mapping physical memory to user space (EL0) on iOS.☆72Updated 2 years ago
- ☆22Updated last year
- Exploit for CVE-2023-32364☆21Updated last year
- Demo exploit code for CVE-2020-27904, a tfp0 bug.☆66Updated 3 years ago
- xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…☆55Updated 3 years ago
- Log all syscalls executed by a process (iOS / checkra1n / xnuspy)☆64Updated 2 years ago