Alternatives and similar repositories for libtakeover

Users that are interested in libtakeover are comparing it to the libraries listed below

• jsherman212 / svc_stalker
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆157Updated 4 years ago
• Haifisch / kuzz
  ios iokit fuzzer (really probably isn't that useful anymore tbh)
  ☆62Updated 8 years ago
• 0x7ff / dimentio
  Tool for getting and setting nonce without triggering KPP/KTRR/PAC.
  ☆116Updated 2 years ago
• userlandkernel / ios-unstripped-kexts
  Unstripped iOS kernel extensions and more. More coming soon.
  ☆59Updated 5 years ago
• DanyL / lockdownd_playground
  Lockdown related research, tools and POCs.
  ☆91Updated 6 years ago
• jakeajames / dylibify
  Transform any ARM macho executable to a dynamic library
  ☆79Updated 3 years ago
• hot3eed / objtree
  tree but for Objective-C messages.
  ☆123Updated last year
• deepinstinct / dsc_fix
  Aids in reverse engineering libraries from dyld_shared_cache in IDA
  ☆101Updated 8 years ago
• mwpcheung / AppleSEPFirmware
  Apple SEP reverse
  ☆53Updated 5 years ago
• xerub / patchfinder64
  iOS ARM64 kernel patchfinder
  ☆78Updated 6 years ago
• Siguza / libkrw
  Lib kernel r/w
  ☆190Updated 3 years ago
• jsherman212 / iosdbg
  experimental iOS debugger
  ☆29Updated 5 years ago
• opa334 / xnuspy_syscall_logger
  Log all syscalls executed by a process (iOS / checkra1n / xnuspy)
  ☆68Updated 3 years ago
• xerub / acorn
  untethered+unsandboxed code execution in iOS 11
  ☆186Updated 5 years ago
• jakeajames / sock_port
  iOS 10.0-12.2 tfp0
  ☆133Updated 6 years ago
• sbingner / kerneldec
  iOS Kernel Decompressor
  ☆90Updated 5 years ago
• jakeajames / kernelSymbolFinder
  Get kernel symbols on device. No jailbreak required (note: unslid addresses)
  ☆28Updated 7 years ago
• jakeajames / multi_path
  multi_path with root and sandbox escape
  ☆102Updated 7 years ago
• markie-dev / desc_race_A15
  CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)
  ☆49Updated 3 years ago
• Proteas / ios13-sandbox-profile-format
  Binary Format of iOS 13 Sandbox Profile Collection
  ☆51Updated 5 years ago
• NyaMisty / xnu_bypass
  ☆48Updated 4 years ago
• Synacktiv-contrib / lightspeed
  PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio
  ☆77Updated 6 years ago
• cellebrite-labs / ida_kernelcache
  An IDA Toolkit for analyzing iOS kernelcaches.
  ☆111Updated 4 months ago
• doronz88 / hilda
  LLDB wrapped and empowered by iPython's features
  ☆143Updated this week
• marcograss / rust-kernelcache-extractor
  Extract a decrypted iOS 64-bit kernelcache
  ☆42Updated this week
• ChiChou / novacane
  Some frida scripts
  ☆68Updated 8 months ago
• lilang-wu / p-joker
  p-joker -- iOS/MacOS kernelcache/kexts analysis tool
  ☆111Updated 5 years ago
• Proteas / ios-anti-anti-dbg-in-kern
  Demo: Anti Anti-Debug in iOS Kernel
  ☆74Updated 7 years ago
• dayt0n / kairos
  64-bit iOS boot image patcher written in C
  ☆146Updated 2 years ago
• CRKatri / trustcache
  Interact with trustcaches
  ☆42Updated 2 years ago