galli-leo / emmutaler
A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
☆160Updated 3 years ago
Alternatives and similar repositories for emmutaler:
Users that are interested in emmutaler are comparing it to the libraries listed below
- xnu build script☆71Updated last year
- IDA plugin to find code cross references to virtual functions using PAC codes☆141Updated 3 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆107Updated last year
- An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.☆57Updated 3 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆287Updated 4 years ago
- Fork of PongoOS which can be run in QEMU☆65Updated 3 years ago
- Insecurity as an IOService☆85Updated last year
- slides for conference talks☆88Updated 3 years ago
- iBoot-1145.3 Image3/heap stack RE (+unholy tools)☆77Updated last year
- Collection of materials relating to FORCEDENTRY☆95Updated 11 months ago
- IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter☆150Updated 4 months ago
- xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…☆55Updated 3 years ago
- An IDAPython module for enhancing c++ support on top of ida_kernelcache☆124Updated last year
- Extreme Vulnerable IOKit driver☆89Updated 4 years ago
- IDA loader to help with SEPROM reverse engineering.☆33Updated 3 months ago
- apple cve list☆136Updated last week
- SEP firmware splitter, made in rust.☆38Updated 5 months ago
- p-joker -- iOS/MacOS kernelcache/kexts analysis tool☆107Updated 4 years ago
- XPC sniffer using LLDB☆43Updated 5 months ago
- ☆185Updated 2 years ago
- A PCode Emulator for Ghidra.☆108Updated 4 years ago
- Code of KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations (USENIX Security'23)☆77Updated last year
- Debugger for the Shannon Baseband☆58Updated 4 years ago
- Host your own *OS Entitlement Database☆44Updated 7 months ago
- kernel exploit for Apple iOS 13.X☆185Updated 4 years ago
- Experimentation environment for checkm8-vulnerable devices☆53Updated last year
- Welcome to Hoyt's macOS Fuzzing & Code Repo. Contribute Code or Open an Issue or Discussion.☆43Updated 5 months ago
- Unstripped iOS kernel extensions and more. More coming soon.☆56Updated 5 years ago
- My journey through WebKit CVE-2016-4622 Exploitation process☆21Updated 4 years ago
- dyld_shared_cache processing / Single-Image loading for BinaryNinja☆85Updated last year