An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.
☆60May 20, 2021Updated 4 years ago
Alternatives and similar repositories for ktrw
Users that are interested in ktrw are comparing it to the libraries listed below
Sorting:
- experimental iOS debugger☆31Jun 17, 2020Updated 5 years ago
- some research results of sep☆20Apr 9, 2021Updated 4 years ago
- An explanation on unredacting iOS's <private> os_log privacy mechanism☆222May 29, 2023Updated 2 years ago
- Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6☆96Jul 21, 2022Updated 3 years ago
- App with PoC of CVE-2024-44285☆44Nov 30, 2024Updated last year
- Exploit for CVE-2021-30807☆132Nov 29, 2021Updated 4 years ago
- A custom shellcode hook for checkra1n 0.1337 written in c!☆35Dec 20, 2023Updated 2 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆110May 15, 2025Updated 9 months ago
- Lib kernel r/w☆189Nov 1, 2021Updated 4 years ago
- Apple Hypervisor.framework bindings for Golang☆35Jan 12, 2026Updated last month
- IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter☆161Nov 2, 2024Updated last year
- iOS `os_log` viewer that supports both real-time and archived logs☆32May 5, 2025Updated 10 months ago
- Plugin for loading MachO kernelcache and dSYM files to Binary Ninja☆40Mar 23, 2025Updated 11 months ago
- an iOS kernel function hooking framework for checkra1n'able devices☆587Oct 6, 2021Updated 4 years ago
- An *OS bootchain patching library.☆15Updated this week
- Tools to measure an app's App Sandbox usage☆26May 20, 2020Updated 5 years ago
- ☆20Aug 29, 2022Updated 3 years ago
- arm64 IOKit class dumper☆21Feb 22, 2025Updated last year
- Insecurity as an IOService☆96Mar 25, 2025Updated 11 months ago
- Search running processes on iOS for instances of a given objc class.☆55Jan 3, 2025Updated last year
- Deterministic kernel exploit based on CVE-2023-32434.☆123Aug 7, 2025Updated 6 months ago
- Experiment to attempt to build Apple's dyld tools.☆64May 29, 2020Updated 5 years ago
- XNU kernel, Kernel Collection and CodeQL build scripts☆274Updated this week
- arm64 IOKit class dumper☆289Jan 5, 2026Updated 2 months ago
- A bootloader and experimentation playground for Apple Silicon. Modified to boot XNU/macOS kernels.☆19Dec 25, 2021Updated 4 years ago
- Apple Silicon NOR dumper☆49Nov 8, 2023Updated 2 years ago
- 32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.☆73Mar 2, 2022Updated 4 years ago
- Extract a decrypted iOS 64-bit kernelcache☆43Feb 24, 2026Updated last week
- iOS system call/Mach trap interception for checkra1n'able devices☆159Aug 10, 2021Updated 4 years ago
- A tool to parse Apple's binary device tree format.☆57Apr 19, 2020Updated 5 years ago
- Another Virtualization.framework demo project, with focus to iBoot (WIP)☆176Dec 2, 2023Updated 2 years ago
- A tool to download and decrypt a 64 bits iOS firmware images written in Rust☆45Jan 6, 2024Updated 2 years ago
- LLDB wrapped and empowered by iPython's features☆155Feb 25, 2026Updated last week
- ☆526Sep 28, 2025Updated 5 months ago
- Unicorn Engine based running of SecureROM☆11Sep 13, 2022Updated 3 years ago
- A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854☆86Oct 15, 2020Updated 5 years ago
- iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives☆132Jun 10, 2022Updated 3 years ago
- Modern C++, range-based Mach-O parser designed for embedded use. Uses stack allocations only.☆34Oct 31, 2022Updated 3 years ago
- xnu build script☆71Aug 31, 2023Updated 2 years ago