Alternatives and similar repositories for desc_race-fun_public:

Users that are interested in desc_race-fun_public are comparing it to the libraries listed below

• opa334 / sandbox_extension_generator
  iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives
  ☆125Updated 2 years ago
• 0x7ff / dimentio
  Tool for getting and setting nonce without triggering KPP/KTRR/PAC.
  ☆114Updated last year
• pinauten / KernelPatchfinder
  ☆69Updated 2 years ago
• tihmstar / libpatchfinder
  A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3
  ☆145Updated 7 months ago
• jakeajames / SneakyShot
  Kernel-based method to take screenshots on iOS, works with encrypted videos.
  ☆60Updated 4 years ago
• jsherman212 / iomfb-exploit
  Exploit for CVE-2021-30807
  ☆131Updated 3 years ago
• markie-dev / desc_race_A15
  CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)
  ☆48Updated 3 years ago
• 0cyn / iBoot-IDA
  32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.
  ☆73Updated 3 years ago
• zhuowei / CoreTrustDemo
  Proof-of-concept for CVE-2022-26766 on macOS 12.3.1
  ☆84Updated 2 years ago
• Siguza / libkrw
  Lib kernel r/w
  ☆191Updated 3 years ago
• jakeajames / time_waste
  iOS 12.0-13.3 tfp0
  ☆151Updated 4 years ago
• chr1s0x1 / pwnedOS11
  WIP iOS 11 - 12.2 & 13b1,b2 Safari Jailbreak
  ☆44Updated 4 years ago
• alfiecg24 / Achilles
  A checkm8 utility for A7-A11 devices
  ☆66Updated 10 months ago
• haiyuidesu / iBoot64Finder
  Find some iBoot functions in an iBoot64.
  ☆41Updated 4 years ago
• jakeajames / sock_port
  iOS 10.0-12.2 tfp0
  ☆129Updated 5 years ago
• 0x7ff / eclipsa
  Checkm8 PoC tool for A8, A8X and A9 devices that allows you to boot untrusted images (macOS only, credits: checkra1n team).
  ☆88Updated 3 years ago
• haiyuidesu / sephelper
  IDA loader to help with SEPROM reverse engineering.
  ☆33Updated 3 months ago
• JakeBlair420 / Spice
  Spice - an unfinished iOS 11 untether
  ☆115Updated 3 years ago
• coolstar / libhooker-safemode
  Safe Mode for libhooker
  ☆28Updated 3 years ago
• chr1s0x1 / Elysian
  JB ETA????
  ☆29Updated 4 years ago
• NyanSatan / Anya
  iBoot/SEPOS decryption kit for JTAGgable iOS device prototypes
  ☆102Updated last month
• fmyyss / XNU_KERNEL_RESEARCH
  ☆132Updated last year
• opa334 / Presentations
  ☆71Updated 9 months ago
• KpwnZ / my_bugs_and_CVE_collection
  Collection of my bugs and CVE, with PoC or writeup
  ☆49Updated 11 months ago
• coolstar / libhooker
  libhooker OSS
  ☆147Updated last year
• citruz / pongoOS-QEMU
  Fork of PongoOS which can be run in QEMU
  ☆65Updated 3 years ago
• jsherman212 / svc_stalker
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆154Updated 3 years ago
• opa334 / libroot
  Standardized API to get root path on iOS jailbreaks
  ☆77Updated 9 months ago
• Cryptiiiic / hookra1n
  A custom shellcode hook for checkra1n 0.1337 written in c!
  ☆38Updated last year
• alfiecg24 / Vertex
  iOS 14 kernel exploit based on PhysPuppet
  ☆59Updated 5 months ago