jsherman212/ktrw

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jsherman212/ktrw)

jsherman212 / ktrw

An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.

☆61

Alternatives and similar repositories for ktrw

Users that are interested in ktrw are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Muirey03 / CVE-2022-32832
View on GitHub
Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6
☆97Jul 21, 2022Updated 3 years ago
Proteas / sep-misc-A10-14.1-18A8395
View on GitHub
some research results of sep
☆20Apr 9, 2021Updated 4 years ago
jsherman212 / iosdbg
View on GitHub
experimental iOS debugger
☆31Jun 17, 2020Updated 5 years ago
34306 / IOSurface_poc18
View on GitHub
App with PoC of CVE-2024-44285
☆43Nov 30, 2024Updated last year
paradiseduo / Anti-Disassembly-On-Arm64
View on GitHub
☆20Aug 29, 2022Updated 3 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
blacktop / go-hypervisor
View on GitHub
Apple Hypervisor.framework bindings for Golang
☆36Jan 12, 2026Updated 2 months ago
EthanArbuckle / unredact-private-os_logs
View on GitHub
An explanation on unredacting iOS's <private> os_log privacy mechanism
☆226May 29, 2023Updated 2 years ago
Muirey03 / iometa
View on GitHub
arm64 IOKit class dumper
☆21Feb 22, 2025Updated last year
jsherman212 / iomfb-exploit
View on GitHub
Exploit for CVE-2021-30807
☆134Nov 29, 2021Updated 4 years ago
EthanArbuckle / objfind
View on GitHub
Search running processes on iOS for instances of a given objc class.
☆55Jan 3, 2025Updated last year
EthanArbuckle / oslo
View on GitHub
iOS `os_log` viewer that supports both real-time and archived logs
☆32May 5, 2025Updated 10 months ago
Siguza / libkrw
View on GitHub
Lib kernel r/w
☆190Nov 1, 2021Updated 4 years ago
Cryptiiiic / hookra1n
View on GitHub
A custom shellcode hook for checkra1n 0.1337 written in c!
☆35Dec 20, 2023Updated 2 years ago
skr0x1c0 / binja_kc
View on GitHub
Plugin for loading MachO kernelcache and dSYM files to Binary Ninja
☆40Mar 23, 2025Updated last year
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
cellebrite-labs / ida_kernelcache
View on GitHub
An IDA Toolkit for analyzing iOS kernelcaches.
☆112May 15, 2025Updated 10 months ago
jsherman212 / xnuspy
View on GitHub
an iOS kernel function hooking framework for checkra1n'able devices
☆589Oct 6, 2021Updated 4 years ago
jsherman212 / svc_stalker
View on GitHub
iOS system call/Mach trap interception for checkra1n'able devices
☆159Aug 10, 2021Updated 4 years ago
OpenJailbreak / oob_timstamp_ppl
View on GitHub
☆16Jul 30, 2020Updated 5 years ago
jevinskie / m1n1-xnu-boot
View on GitHub
A bootloader and experimentation playground for Apple Silicon. Modified to boot XNU/macOS kernels.
☆19Dec 25, 2021Updated 4 years ago
matteyeux / ida-iboot-loader
View on GitHub
IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
☆164Nov 2, 2024Updated last year
Siguza / IOKernelRW
View on GitHub
Insecurity as an IOService
☆96Mar 25, 2025Updated last year
m1stadev / eyepatch
View on GitHub
An *OS bootchain patching library.
☆15Updated this week
blacktop / yardens-sb-profs
View on GitHub
Output from running Yarden's sandblaster on an iPhone15,2's iOS17 kernelcaches
☆18Aug 7, 2024Updated last year
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
b1n4r1b01 / n-days
View on GitHub
☆526Sep 28, 2025Updated 5 months ago
marcograss / rust-kernelcache-extractor
View on GitHub
Extract a decrypted iOS 64-bit kernelcache
☆43Mar 16, 2026Updated last week
blacktop / darwin-xnu-build
View on GitHub
XNU kernel, Kernel Collection and CodeQL build scripts
☆284Mar 3, 2026Updated 3 weeks ago
0x7ff / golb
View on GitHub
Mapping physical memory to user space (EL0) on iOS.
☆75Jan 3, 2023Updated 3 years ago
oleavr / dyld-tools
View on GitHub
Experiment to attempt to build Apple's dyld tools.
☆64May 29, 2020Updated 5 years ago
0xbf00 / macos-sandbox-coverage
View on GitHub
Tools to measure an app's App Sandbox usage
☆26May 20, 2020Updated 5 years ago
pwn0rz / xnu-build
View on GitHub
xnu build script
☆71Aug 31, 2023Updated 2 years ago
jevinskie / jevmachopp
View on GitHub
Modern C++, range-based Mach-O parser designed for embedded use. Uses stack allocations only.
☆34Oct 31, 2022Updated 3 years ago
0cyn / bn-dyldsharedcache
View on GitHub
dyld_shared_cache processing / Single-Image loading for BinaryNinja
☆91Feb 25, 2026Updated last month
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
tihmstar / libtakeover
View on GitHub
call functions in a remote process using Mach API
☆107Mar 19, 2025Updated last year
alfiecg24 / Trigon
View on GitHub
Deterministic kernel exploit based on CVE-2023-32434.
☆127Aug 7, 2025Updated 7 months ago
doronz88 / hilda
View on GitHub
LLDB wrapped and empowered by iPython's features
☆161Updated this week
hack-different / secure_emu
View on GitHub
Unicorn Engine based running of SecureROM
☆11Sep 13, 2022Updated 3 years ago
0cyn / iBoot-IDA
View on GitHub
32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
☆73Mar 2, 2022Updated 4 years ago
Siguza / nordump
View on GitHub
Apple Silicon NOR dumper
☆49Nov 8, 2023Updated 2 years ago
Siguza / iometa
View on GitHub
arm64 IOKit class dumper
☆292Jan 5, 2026Updated 2 months ago