Alternatives and similar repositories for ida-iboot-loader

Users that are interested in ida-iboot-loader are comparing it to the libraries listed below

• 0cyn / iBoot-IDA
  32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
  ☆74Updated 3 years ago
• citruz / pongoOS-QEMU
  Fork of PongoOS which can be run in QEMU
  ☆66Updated 3 years ago
• jsherman212 / ktrw
  An iOS kernel debugger based on a KTRR bypass for A11 iPhones; works with LLDB and IDA Pro.
  ☆57Updated 4 years ago
• NyanSatan / Anya
  iBoot/SEPOS decryption kit for JTAGgable iOS device prototypes
  ☆108Updated 3 months ago
• Siguza / IOKernelRW
  Insecurity as an IOService
  ☆89Updated 2 months ago
• haiyuidesu / sephelper
  IDA loader to help with SEPROM reverse engineering.
  ☆33Updated 5 months ago
• opa334 / sandbox_extension_generator
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆129Updated 2 years ago
• alfiecg24 / KextRW
  macOS kext with kernel R/W, kalloc and kcall
  ☆79Updated 2 months ago
• jsherman212 / svc_stalker
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆156Updated 3 years ago
• NyanSatan / Virtual-iBoot-Fun
  Another Virtualization.framework demo project, with focus to iBoot (WIP)
  ☆167Updated last year
• CRKatri / trustcache
  Interact with trustcaches
  ☆41Updated 2 years ago
• cellebrite-labs / ida_kernelcache
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆109Updated 2 weeks ago
• Siguza / libkrw
  Lib kernel r/w
  ☆192Updated 3 years ago
• tihmstar / libpatchfinder
  A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3
  ☆148Updated this week
• Proteas / a7-sep-bug
  a7 sep bug
  ☆54Updated last year
• dayt0n / kairos
  64-bit iOS boot image patcher written in C
  ☆146Updated 2 years ago
• tjkr0wn / xnu_gym
  xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…
  ☆55Updated 3 years ago
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆73Updated 2 years ago
• 0x7ff / dimentio
  Tool for getting and setting nonce without triggering KPP/KTRR/PAC.
  ☆114Updated 2 years ago
• userlandkernel / ios-unstripped-kexts
  Unstripped iOS kernel extensions and more. More coming soon.
  ☆56Updated 5 years ago
• matteyeux / autodecrypt
  Tool to decrypt 64 bits iOS firmware images (iBoot/LLB/iBSS/iBEC).
  ☆179Updated 2 years ago
• Muirey03 / CVE-2022-42864
  Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition
  ☆67Updated 2 years ago
• matteyeux / taco
  A tool to download and decrypt a 64 bits iOS firmware images written in Rust
  ☆44Updated last year
• jevinskie / xnu-trace
  Tracing of iOS/macOS binaries using HW single step and Frida DBI
  ☆80Updated 5 months ago
• Siguza / dt
  DeviceTree
  ☆80Updated 7 months ago
• bazad / devicetree-parse
  A tool to parse Apple's binary device tree format.
  ☆55Updated 5 years ago
• BlackwingHQ / iBoot64Binja
  Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja
  ☆55Updated last year
• haiyuidesu / iBoot64Patcher
  Patch the iBoot64 with generic patches.
  ☆52Updated last year
• opa334 / xnuspy_syscall_logger
  Log all syscalls executed by a process (iOS / checkra1n / xnuspy)
  ☆65Updated 3 years ago
• 0x7ff / eclipsa
  Checkm8 PoC tool for A8, A8X and A9 devices that allows you to boot untrusted images (macOS only, credits: checkra1n team).
  ☆88Updated 4 years ago