pattern-f/xattr-oob-swap

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pattern-f/xattr-oob-swap)

pattern-f / xattr-oob-swap

Demo exploit code for CVE-2020-27904, a tfp0 bug.

☆68

Alternatives and similar repositories for xattr-oob-swap

Users that are interested in xattr-oob-swap are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

Proteas / bindiff-tool
View on GitHub
An assistant for BinDiff
☆25Feb 21, 2023Updated 3 years ago
Antid0teCom / aarch64_mte
View on GitHub
IDA AArch64 processor extender extension: Adding support for ARMv8.5 memory tagging extension opcodes
☆27Jul 6, 2020Updated 5 years ago
raymontag / chain3
View on GitHub
☆50Jul 20, 2020Updated 5 years ago
jakeajames / sock_port
View on GitHub
iOS 10.0-12.2 tfp0
☆133Sep 3, 2019Updated 6 years ago
bazad / blanket
View on GitHub
CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesign…
☆260Nov 13, 2018Updated 7 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
tihmstar / v1ntex
View on GitHub
getf tfp0 on iOS 11.2 - 11.4.1
☆68Feb 7, 2019Updated 7 years ago
LIJI32 / SnatchBox
View on GitHub
SnatchBox (CVE-2020-27935) is a sandbox escape vulnerability and exploit affecting macOS up to version 10.15.x
☆32Dec 18, 2020Updated 5 years ago
potmdehex / slides
View on GitHub
Slides for presentations held at conferences
☆47Jan 2, 2023Updated 3 years ago
Proteas / ios13-sandbox-profile-format
View on GitHub
Binary Format of iOS 13 Sandbox Profile Collection
☆51Oct 30, 2019Updated 6 years ago
c0ntextomy / c0ntextomy
View on GitHub
CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same networ…
☆73Sep 23, 2020Updated 5 years ago
alfiecg24 / Trigon
View on GitHub
Deterministic kernel exploit based on CVE-2023-32434.
☆129May 14, 2026Updated 2 weeks ago
citruz / pongoOS-QEMU
View on GitHub
Fork of PongoOS which can be run in QEMU
☆69Jun 7, 2021Updated 4 years ago
lilang-wu / p-joker
View on GitHub
p-joker -- iOS/MacOS kernelcache/kexts analysis tool
☆112May 18, 2020Updated 6 years ago
Siguza / libkrw
View on GitHub
Lib kernel r/w
☆192Nov 1, 2021Updated 4 years ago
GPUs on demand by Runpod - Special Offer Available • Ad
Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
jsherman212 / iomfb-exploit
View on GitHub
Exploit for CVE-2021-30807
☆133Nov 29, 2021Updated 4 years ago
osy / AMFIExemption
View on GitHub
Grant private entitlements to OSX apps
☆121Sep 13, 2020Updated 5 years ago
theevilbit / exploits
View on GitHub
☆89Sep 27, 2024Updated last year
matteyeux / ida-iboot-loader
View on GitHub
IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
☆170Nov 2, 2024Updated last year
bazad / presentations
View on GitHub
Slides from my conference presentations.
☆79Aug 5, 2020Updated 5 years ago
alfiecg24 / Vertex
View on GitHub
iOS kernel exploit for iOS 14 and 15
☆105Jun 29, 2025Updated 11 months ago
Proteas / sep-fw-dyld-cache-loader
View on GitHub
IDA loader for SEP firmware with dyld cache support.
☆69Aug 22, 2024Updated last year
synacktiv / CVE-2021-1782
View on GitHub
☆40Feb 10, 2021Updated 5 years ago
chilik / srom64helper
View on GitHub
IDA loader for Apple SecureROM
☆13Sep 29, 2019Updated 6 years ago
End-to-end encrypted email - Proton Mail • Ad
Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
star-sg / V8Harvest
View on GitHub
☆35Jun 14, 2021Updated 4 years ago
mwpcheung / AppleSEPFirmware
View on GitHub
Apple SEP reverse
☆58Mar 31, 2020Updated 6 years ago
pwn0rz / xnu-build
View on GitHub
xnu build script
☆72Aug 31, 2023Updated 2 years ago
wangtielei / POCs
View on GitHub
☆124Aug 3, 2024Updated last year
b1n4r1b01 / desc_race
View on GitHub
iOS 15.1 kernel exploit POC for CVE-2021-30955
☆267Mar 1, 2022Updated 4 years ago
matteyeux / srom64helper
View on GitHub
use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced
☆33Sep 2, 2019Updated 6 years ago
synacktiv / CVE-2021-3492
View on GitHub
PoC for CVE-2021-3492 used at Pwn2Own 2021
☆43Aug 3, 2021Updated 4 years ago
dayt0n / kairos
View on GitHub
64-bit iOS boot image patcher written in C
☆147Sep 18, 2022Updated 3 years ago
bazad / threadexec
View on GitHub
A library to execute code in the context of other processes on iOS 11.
☆83Jul 25, 2018Updated 7 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
pattern-f / TQ-pre-jailbreak
View on GitHub
Hello from pattern-f.
☆283Aug 5, 2021Updated 4 years ago
m1stadev / Criptam
View on GitHub
iOS firmware key decrypter
☆46Aug 17, 2023Updated 2 years ago
exploit3dguy / asr64_patcher
View on GitHub
Easily patch ASR on 64-bit devices.
☆21Jun 24, 2021Updated 4 years ago
clemensg / xnu
View on GitHub
Git repository to browse the XNU releases from
☆10Sep 20, 2021Updated 4 years ago
ret2 / Pwn2Own-2021-Safari
View on GitHub
☆143Aug 17, 2022Updated 3 years ago
LIJI32 / ObjectiveHooker
View on GitHub
An extra light, extra simple Objective-C hooking framework
☆16Jun 18, 2025Updated 11 months ago
razmashat / multi_path-with-remount
View on GitHub
multi_path exploit now with remount for iOS 11.3.X (english version)
☆19Jul 4, 2018Updated 7 years ago