Alternatives and similar repositories for ktrw

Users that are interested in ktrw are comparing it to the libraries listed below

• tjkr0wn / xnu_gym
  xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…
  ☆57Updated 4 years ago
• Proteas / sep-fw-dyld-cache-loader
  IDA loader for SEP firmware with dyld cache support.
  ☆58Updated last year
• mwpcheung / AppleSEPFirmware
  Apple SEP reverse
  ☆53Updated 5 years ago
• cellebrite-labs / ida_kernelcache
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆108Updated 6 months ago
• jonpalmisc / respawn
  Experimentation environment for checkm8-vulnerable devices
  ☆54Updated last year
• pattern-f / xattr-oob-swap
  Demo exploit code for CVE-2020-27904, a tfp0 bug.
  ☆66Updated 4 years ago
• citruz / pongoOS-QEMU
  Fork of PongoOS which can be run in QEMU
  ☆69Updated 4 years ago
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆73Updated 2 years ago
• matteyeux / seprom-loader
  Binary Ninja loader for 64 bits Apple SEPROMs
  ☆57Updated 2 months ago
• haiyuidesu / sephelper
  IDA loader to help with SEPROM reverse engineering.
  ☆35Updated 2 months ago
• userlandkernel / ios-unstripped-kexts
  Unstripped iOS kernel extensions and more. More coming soon.
  ☆59Updated 5 years ago
• CRKatri / trustcache
  Interact with trustcaches
  ☆41Updated 2 years ago
• cellebrite-labs / PacXplorer
  IDA plugin to find code cross references to virtual functions using PAC codes
  ☆146Updated 3 years ago
• Billy-Ellis / aslr-kernel-patch
  Tool to patch the ASLR slide generation in the kernel to disable user-land ASLR on 32-bit iOS
  ☆31Updated 4 years ago
• tony-go / snixpc
  XPC sniffer using LLDB
  ☆47Updated last year
• UKERN-Developers / darwin-xnu
  Apple's XNU automatically updated live.
  ☆26Updated 4 years ago
• 0cyn / ksuite
  My BinaryNinja toolkit I use for iOS centric RE || Prerelease!
  ☆46Updated 2 years ago
• Proteas / bindiff-tool
  An assistant for BinDiff
  ☆25Updated 2 years ago
• seemoo-lab / plist17lib
  ☆21Updated 2 years ago
• opa334 / sandbox_extension_generator
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆132Updated 3 years ago
• matteyeux / ida-iboot-loader
  IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
  ☆153Updated last year
• jsherman212 / iosdbg
  experimental iOS debugger
  ☆30Updated 5 years ago
• Siguza / IOKernelRW
  Insecurity as an IOService
  ☆90Updated 7 months ago
• bazad / devicetree-parse
  A tool to parse Apple's binary device tree format.
  ☆56Updated 5 years ago
• pwn0rz / xnu-build
  xnu build script
  ☆69Updated 2 years ago
• Siguza / aea1
  AEA metadata dumper
  ☆48Updated 6 months ago
• aemmitt-ns / funtime
  Objective-C runtime tracing tool
  ☆40Updated 2 years ago
• Siguza / dt
  DeviceTree
  ☆81Updated last year
• NyanSatan / Image3RE
  iBoot-1145.3 Image3/heap stack RE (+unholy tools)
  ☆84Updated last year
• jevinskie / xnu-trace
  Tracing of iOS/macOS binaries using HW single step and Frida DBI
  ☆82Updated 11 months ago