Alternatives and similar repositories for vma2pwn:

Users that are interested in vma2pwn are comparing it to the libraries listed below

• nick-botticelli / super-tart
  tart, but with custom AVPBooter ROM, serial I/O, DFU mode, GDB debugging (port 8000), and panic halting. See help menus for `tart create`…
  ☆42Updated last year
• bazad / devicetree-parse
  A tool to parse Apple's binary device tree format.
  ☆55Updated 4 years ago
• CRKatri / trustcache
  Interact with trustcaches
  ☆40Updated 2 years ago
• Siguza / nordump
  Apple Silicon NOR dumper
  ☆47Updated last year
• blacktop / ghidra-app
  Ghidra CI/CD to build and host a universal macOS Ghidra.app
  ☆36Updated 3 weeks ago
• NyanSatan / checkm8_bootkit
  Boot arbitrary iBoot via ipwndfu's custom protocol on some cursed platforms and more
  ☆53Updated last month
• haiyuidesu / iBoot64Patcher
  Patch the iBoot64 with generic patches.
  ☆50Updated 11 months ago
• seemoo-lab / plist17lib
  ☆21Updated last year
• Siguza / aea1
  AEA metadata dumper
  ☆46Updated 8 months ago
• Siguza / IOKernelRW
  Insecurity as an IOService
  ☆84Updated last year
• SongXiaoXi / Reductant
  Translate and patch arm64e binaries or macOS arm64 binaries to run on an arm64 iPhone at runtime.
  ☆49Updated 2 years ago
• nicolas17 / ipsw_keys
  Extract iOS firmware keys using on-device AES engine
  ☆35Updated 2 years ago
• jonpalmisc / srdsh
  Standalone SSH and CLI tools cryptex for the Apple SRD
  ☆16Updated last year
• NyanSatan / Virtual-iBoot-Fun
  Another Virtualization.framework demo project, with focus to iBoot (WIP)
  ☆164Updated last year
• 0xbf00 / simbple
  macOS Sandbox Profile Language (SBPL) Interpreter
  ☆53Updated 4 years ago
• NyanSatan / kanzitools
  Set of tools to interact with various aspects of Kanzi probe and its derivatives
  ☆45Updated 6 months ago
• zhuowei / iOS-run-macOS-executables-tools
  Failed experiment for running command line macOS tools on jailbroken iOS. There's nothing useful here.
  ☆42Updated 3 years ago
• blacktop / symbolicator
  `ipsw` symbolication signatures
  ☆60Updated 2 weeks ago
• Siguza / dt
  DeviceTree
  ☆78Updated 5 months ago
• Siguza / fscmp
  CLI frontend for com.apple.decmpfs / AppleFSCompression.framework
  ☆30Updated 2 years ago
• ReverseApple / gxpc
  Sniff XPC communication using Frida and Go
  ☆130Updated 2 weeks ago
• tony-go / snixpc
  XPC sniffer using LLDB
  ☆43Updated 5 months ago
• jevinskie / xnu-trace
  Tracing of iOS/macOS binaries using HW single step and Frida DBI
  ☆75Updated 3 months ago
• 0cyn / iBoot-IDA
  32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
  ☆73Updated 3 years ago
• xerub / busybox-apple
  A working busybox for iOS and macOS
  ☆31Updated 2 years ago
• ProcursusTeam / launchctl
  An open source implemention of Apple's `launchctl(1)`
  ☆82Updated 2 months ago
• jonpalmisc / respawn
  Experimentation environment for checkm8-vulnerable devices
  ☆53Updated last year
• saagarjha / Presentations
  Slides and resources for talks I've given
  ☆15Updated 8 months ago
• DerekSelander / dynadump
  A runtime ObjC class-dump
  ☆70Updated 2 months ago
• UKERN-Developers / darwin-xnu
  Apple's XNU automatically updated live.
  ☆25Updated 3 years ago