pattern-f/xattr-oob-swap

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pattern-f/xattr-oob-swap)

pattern-f / xattr-oob-swap

Demo exploit code for CVE-2020-27904, a tfp0 bug.

☆69

Alternatives and similar repositories for xattr-oob-swap

Users that are interested in xattr-oob-swap are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Proteas / bindiff-tool
View on GitHub
An assistant for BinDiff
☆25Feb 21, 2023Updated 3 years ago
Antid0teCom / aarch64_mte
View on GitHub
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes
☆27Jul 6, 2020Updated 5 years ago
raymontag / chain3
View on GitHub
☆51Jul 20, 2020Updated 5 years ago
jakeajames / sock_port
View on GitHub
iOS 10.0-12.2 tfp0
☆132Sep 3, 2019Updated 6 years ago
bazad / blanket
View on GitHub
CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesign…
☆259Nov 13, 2018Updated 7 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
tihmstar / v1ntex
View on GitHub
getf tfp0 on iOS 11.2 - 11.4.1
☆68Feb 7, 2019Updated 7 years ago
potmdehex / slides
View on GitHub
Slides for presentations held at conferences
☆48Jan 2, 2023Updated 3 years ago
LIJI32 / SnatchBox
View on GitHub
SnatchBox (CVE-2020-27935) is a sandbox escape vulnerability and exploit affecting macOS up to version 10.15.x
☆32Dec 18, 2020Updated 5 years ago
Proteas / ios13-sandbox-profile-format
View on GitHub
Binary Format of iOS 13 Sandbox Profile Collection
☆52Oct 30, 2019Updated 6 years ago
c0ntextomy / c0ntextomy
View on GitHub
CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same networ…
☆74Sep 23, 2020Updated 5 years ago
alfiecg24 / Trigon
View on GitHub
Deterministic kernel exploit based on CVE-2023-32434.
☆127Aug 7, 2025Updated 7 months ago
citruz / pongoOS-QEMU
View on GitHub
Fork of PongoOS which can be run in QEMU
☆69Jun 7, 2021Updated 4 years ago
lilang-wu / p-joker
View on GitHub
p-joker -- iOS/MacOS kernelcache/kexts analysis tool
☆112May 18, 2020Updated 5 years ago
Siguza / libkrw
View on GitHub
Lib kernel r/w
☆190Nov 1, 2021Updated 4 years ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
ChiChou / entdb
View on GitHub
Host your own *OS Entitlement Database
☆56Oct 23, 2025Updated 5 months ago
jsherman212 / iomfb-exploit
View on GitHub
Exploit for CVE-2021-30807
☆134Nov 29, 2021Updated 4 years ago
osy / AMFIExemption
View on GitHub
Grant private entitlements to OSX apps
☆120Sep 13, 2020Updated 5 years ago
theevilbit / exploits
View on GitHub
☆89Sep 27, 2024Updated last year
matteyeux / ida-iboot-loader
View on GitHub
IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
☆164Nov 2, 2024Updated last year
bazad / presentations
View on GitHub
Slides from my conference presentations.
☆80Aug 5, 2020Updated 5 years ago
alfiecg24 / Vertex
View on GitHub
iOS kernel exploit for iOS 14 and 15
☆107Jun 29, 2025Updated 9 months ago
Proteas / sep-fw-dyld-cache-loader
View on GitHub
IDA loader for SEP firmware with dyld cache support.
☆69Aug 22, 2024Updated last year
synacktiv / CVE-2021-1782
View on GitHub
☆40Feb 10, 2021Updated 5 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
chilik / srom64helper
View on GitHub
IDA loader for Apple SecureROM
☆13Sep 29, 2019Updated 6 years ago
star-sg / V8Harvest
View on GitHub
☆36Jun 14, 2021Updated 4 years ago
mwpcheung / AppleSEPFirmware
View on GitHub
Apple SEP reverse
☆56Mar 31, 2020Updated 5 years ago
pwn0rz / xnu-build
View on GitHub
xnu build script
☆71Aug 31, 2023Updated 2 years ago
wangtielei / POCs
View on GitHub
☆126Aug 3, 2024Updated last year
b1n4r1b01 / desc_race
View on GitHub
iOS 15.1 kernel exploit POC for CVE-2021-30955
☆267Mar 1, 2022Updated 4 years ago
matteyeux / srom64helper
View on GitHub
use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced
☆33Sep 2, 2019Updated 6 years ago
synacktiv / CVE-2021-3492
View on GitHub
PoC for CVE-2021-3492 used at Pwn2Own 2021
☆43Aug 3, 2021Updated 4 years ago
dayt0n / kairos
View on GitHub
64-bit iOS boot image patcher written in C
☆146Sep 18, 2022Updated 3 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
bazad / threadexec
View on GitHub
A library to execute code in the context of other processes on iOS 11.
☆82Jul 25, 2018Updated 7 years ago
pattern-f / TQ-pre-jailbreak
View on GitHub
Hello from pattern-f.
☆284Aug 5, 2021Updated 4 years ago
FFRI / CVE-2025-24204
View on GitHub
PoC and technical details of CVE-2025-24204
☆105Oct 7, 2025Updated 5 months ago
m1stadev / Criptam
View on GitHub
iOS firmware key decrypter
☆45Aug 17, 2023Updated 2 years ago
exploit3dguy / asr64_patcher
View on GitHub
Easily patch ASR on 64-bit devices.
☆20Jun 24, 2021Updated 4 years ago
clemensg / xnu
View on GitHub
Git repository to browse the XNU releases from
☆10Sep 20, 2021Updated 4 years ago
ret2 / Pwn2Own-2021-Safari
View on GitHub
☆146Aug 17, 2022Updated 3 years ago