matteyeux / ida-iboot-loaderLinks
IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
☆153Updated 7 months ago
Alternatives and similar repositories for ida-iboot-loader
Users that are interested in ida-iboot-loader are comparing it to the libraries listed below
Sorting:
- 32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.☆74Updated 3 years ago
- Fork of PongoOS which can be run in QEMU☆66Updated 3 years ago
- An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.☆57Updated 4 years ago
- iBoot/SEPOS decryption kit for JTAGgable iOS device prototypes☆108Updated 3 months ago
- Insecurity as an IOService☆89Updated 2 months ago
- IDA loader to help with SEPROM reverse engineering.☆33Updated 5 months ago
- iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives☆129Updated 2 years ago
- macOS kext with kernel R/W, kalloc and kcall☆79Updated 2 months ago
- iOS system call/Mach trap interception for checkra1n'able devices☆156Updated 3 years ago
- Another Virtualization.framework demo project, with focus to iBoot (WIP)☆167Updated last year
- Interact with trustcaches☆41Updated 2 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆109Updated 2 weeks ago
- Lib kernel r/w☆192Updated 3 years ago
- A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3☆148Updated this week
- a7 sep bug☆54Updated last year
- 64-bit iOS boot image patcher written in C☆146Updated 2 years ago
- xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…☆55Updated 3 years ago
- Mapping physical memory to user space (EL0) on iOS.☆73Updated 2 years ago
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC.☆114Updated 2 years ago
- Unstripped iOS kernel extensions and more. More coming soon.☆56Updated 5 years ago
- Tool to decrypt 64 bits iOS firmware images (iBoot/LLB/iBSS/iBEC).☆179Updated 2 years ago
- Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition☆67Updated 2 years ago
- A tool to download and decrypt a 64 bits iOS firmware images written in Rust☆44Updated last year
- Tracing of iOS/macOS binaries using HW single step and Frida DBI☆80Updated 5 months ago
- DeviceTree☆80Updated 7 months ago
- A tool to parse Apple's binary device tree format.☆55Updated 5 years ago
- Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja☆55Updated last year
- Patch the iBoot64 with generic patches.☆52Updated last year
- Log all syscalls executed by a process (iOS / checkra1n / xnuspy)☆65Updated 3 years ago
- Checkm8 PoC tool for A8, A8X and A9 devices that allows you to boot untrusted images (macOS only, credits: checkra1n team).☆88Updated 4 years ago