shinvou / decrypt0r
Automatically download and decrypt SecureRom stuff (iBSS, iBEC, iBoot, etc.) for all iOS versions available.
☆51Updated 5 years ago
Alternatives and similar repositories for decrypt0r:
Users that are interested in decrypt0r are comparing it to the libraries listed below
- A fuzzer for the iOS kernel and userland☆44Updated 6 years ago
- iOS ARM64 kernel patchfinder☆75Updated 5 years ago
- WIP iOS 11 - 12.2 & 13b1,b2 Safari Jailbreak☆43Updated 4 years ago
- Accessing physical memory on iOS.☆51Updated 4 years ago
- iOS Kernel Decompressor☆86Updated 4 years ago
- Research on Apple's USB protocols☆30Updated 5 years ago
- ☆36Updated last year
- IDA loader to help with SEPROM reverse engineering.☆33Updated 2 months ago
- Find some iBoot functions in an iBoot64.☆41Updated 4 years ago
- CVE-2018-4331: Exploit for a race condition in the GSSCred system service on iOS 11.2.☆24Updated 7 years ago
- Analyzes a binary iOS kernel to determine function offsets and where to apply the canonical jailbreak patches.☆66Updated 7 years ago
- Obtains the kernel task port and establishes a kernel function calling primitive on the iPhone XS, iPhone XR, and iPhone 8 running iOS 12…☆28Updated 6 years ago
- xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice…☆55Updated 3 years ago
- Binary Ninja loader for 64 bits Apple SEPROMs☆50Updated 8 months ago
- Mapping physical memory to user space (EL0) on iOS.☆72Updated 2 years ago
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices☆16Updated 5 years ago
- iBoot64 Payload Development Toolkit☆42Updated 7 years ago
- ☆20Updated 6 years ago
- use https://github.com/argp/iBoot64helper which is the orginal repo and far more advanced☆33Updated 5 years ago
- getf tfp0 on iOS 11.2 - 11.4.1☆70Updated 6 years ago
- Set DCSD LED according to device state (Normal/Recovery/DFU)☆29Updated 4 years ago
- ios iokit fuzzer (really probably isn't that useful anymore tbh)☆62Updated 8 years ago
- a tool that decompress the kernel cache once dercypted☆11Updated 8 years ago
- CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.☆59Updated 6 years ago
- Apple SEP reverse☆51Updated 4 years ago
- CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.☆52Updated 6 years ago
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC.☆114Updated last year
- extract various firmware blobs from iBoot☆42Updated 4 years ago
- Identifies common functions in iBSS/iBEC/iBoot/LLB☆32Updated 9 years ago
- Get kernel symbols on device. No jailbreak required (note: unslid addresses)☆26Updated 6 years ago