tihmstar / desc_race-fun_public

Related projects ⓘ

Alternatives and complementary repositories for desc_race-fun_public

• opa334 / sandbox_extension_generator
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆123Updated 2 years ago
• 0x7ff / dimentio
  Tool for getting and setting nonce without triggering KPP/KTRR/PAC.
  ☆109Updated last year
• markie-dev / desc_race_A15
  CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)
  ☆48Updated 2 years ago
• tihmstar / libpatchfinder
  A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3
  ☆144Updated 3 months ago
• jsherman212 / iomfb-exploit
  Exploit for CVE-2021-30807
  ☆130Updated 2 years ago
• Siguza / libkrw
  Lib kernel r/w
  ☆191Updated 3 years ago
• akusio / MiniRootFileManager15
  iOS15.0-15.1 arm64e only
  ☆49Updated 2 years ago
• haiyuidesu / iBoot64Finder
  Find some iBoot functions in an iBoot64.
  ☆41Updated 3 years ago
• opa334 / Presentations
  ☆70Updated 5 months ago
• zhuowei / CoreTrustDemo
  Proof-of-concept for CVE-2022-26766 on macOS 12.3.1
  ☆84Updated 2 years ago
• jakeajames / SneakyShot
  Kernel-based method to take screenshots on iOS, works with encrypted videos.
  ☆61Updated 3 years ago
• chr1s0x1 / pwnedOS11
  WIP iOS 11 - 12.2 & 13b1,b2 Safari Jailbreak
  ☆43Updated 4 years ago
• pinauten / KernelPatchfinder
  ☆69Updated last year
• jakeajames / time_waste
  iOS 12.0-13.3 tfp0
  ☆151Updated 4 years ago
• 0x7ff / eclipsa
  Checkm8 PoC tool for A8, A8X and A9 devices that allows you to boot untrusted images (macOS only, credits: checkra1n team).
  ☆86Updated 3 years ago
• opa334 / kfd
  kfd, short for kernel file descriptor, is a project to read and write kernel memory on Apple devices.
  ☆80Updated 6 months ago
• alfiecg24 / Achilles
  A checkm8 utility for A7-A11 devices
  ☆56Updated 6 months ago
• KpwnZ / my_bugs_and_CVE_collection
  Collection of my bugs and CVE, with PoC or writeup
  ☆48Updated 7 months ago
• 0x7ff / golb
  Mapping physical memory to user space (EL0) on iOS.
  ☆67Updated last year
• jakeajames / sock_port
  iOS 10.0-12.2 tfp0
  ☆128Updated 5 years ago
• dora2ios / t8015_bootkit
  ☆35Updated 2 years ago
• chr1s0x1 / Elysian
  JB ETA????
  ☆29Updated 3 years ago
• 0cyn / iBoot-IDA
  32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
  ☆68Updated 2 years ago
• opa334 / xnuspy_syscall_logger
  Log all syscalls executed by a process (iOS / checkra1n / xnuspy)
  ☆58Updated 2 years ago
• fmyyss / XNU_KERNEL_RESEARCH
  ☆130Updated 9 months ago
• Cryptiiiic / hookra1n
  A custom shellcode hook for checkra1n 0.1337 written in c!
  ☆37Updated 11 months ago
• p0larisdev / app
  ☆79Updated 3 months ago
• coolstar / libhooker-safemode
  Safe Mode for libhooker
  ☆28Updated 3 years ago
• m1stadev / Criptam
  iOS firmware key decrypter
  ☆45Updated last year
• CRKatri / trustcache
  Interact with trustcaches
  ☆39Updated last year