call functions in a remote process using Mach API
☆106Mar 19, 2025Updated 11 months ago
Alternatives and similar repositories for libtakeover
Users that are interested in libtakeover are comparing it to the libraries listed below
Sorting:
- Experiment to attempt to build Apple's dyld tools.☆63May 29, 2020Updated 5 years ago
- iOS 10.0-12.2 tfp0☆131Sep 3, 2019Updated 6 years ago
- macOS kext for host_special_port(4) patch☆90Nov 13, 2023Updated 2 years ago
- Accessing physical memory on iOS.☆52Sep 21, 2020Updated 5 years ago
- iOS ARM64 kernel patchfinder☆16Jul 1, 2019Updated 6 years ago
- ☆49May 14, 2021Updated 4 years ago
- iOS 12.0-13.3 tfp0☆153Nov 16, 2020Updated 5 years ago
- Lockdown related research, tools and POCs.☆90May 18, 2019Updated 6 years ago
- ☆20Aug 29, 2022Updated 3 years ago
- ☆16Jul 30, 2020Updated 5 years ago
- iOS ARM64 kernel patchfinder☆77Aug 23, 2019Updated 6 years ago
- CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)☆48Mar 14, 2022Updated 3 years ago
- A cross-platform library to parse Objective-C type encoding.☆43Sep 1, 2024Updated last year
- Mapping physical memory to user space (EL0) on iOS.☆74Jan 3, 2023Updated 3 years ago
- Give me tfp0, I give you jelbrek☆260Oct 28, 2020Updated 5 years ago
- CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.☆59Oct 28, 2018Updated 7 years ago
- Kernel-based method to take screenshots on iOS, works with encrypted videos.☆60Mar 10, 2021Updated 4 years ago
- just a kernelgrabber, for those who can't reach out of sandbox☆18Feb 24, 2024Updated 2 years ago
- get ready for 1212 jb hax☆11Apr 25, 2019Updated 6 years ago
- toy project for tracing objc_msgSend☆61Feb 9, 2026Updated 3 weeks ago
- Allow Xcode to start a custom debugserver with root privileges to debug iOS apps.☆258Jul 4, 2025Updated 7 months ago
- iOS Kernel Decompressor☆89May 12, 2020Updated 5 years ago
- An IDA Toolkit for analyzing iOS kernelcaches.☆110May 15, 2025Updated 9 months ago
- Transform any ARM macho executable to a dynamic library☆77Aug 24, 2022Updated 3 years ago
- iOS system call/Mach trap interception for checkra1n'able devices☆159Aug 10, 2021Updated 4 years ago
- Dev tools for probing IOKit☆200Sep 23, 2023Updated 2 years ago
- powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices☆17May 21, 2019Updated 6 years ago
- some research results of sep☆20Apr 9, 2021Updated 4 years ago
- Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja☆54Jan 25, 2024Updated 2 years ago
- An iOS kernel exploit for iOS 11 through 12.1.2. Works on A7 - A11 devices.☆103Mar 16, 2019Updated 6 years ago
- an attempt to intercept syscalls for iOS applications that is unfinished and works only partially☆15May 3, 2020Updated 5 years ago
- A memory editor for iOS/macOS with JavaScript support☆39Jan 5, 2021Updated 5 years ago
- Bidirectional XPC message interception and more. Powered by Frida☆428Nov 9, 2022Updated 3 years ago
- Transform any ARM macho executable to a dynamic library☆44Mar 14, 2025Updated 11 months ago
- a Ghidra framework for iOS kernelcache reverse engineering☆363Nov 6, 2022Updated 3 years ago
- an iOS kernel function hooking framework for checkra1n'able devices☆582Oct 6, 2021Updated 4 years ago
- chroot based kernel level jailbreak detection bypass.☆52Sep 16, 2021Updated 4 years ago
- Binary Format of iOS 13 Sandbox Profile Collection☆52Oct 30, 2019Updated 6 years ago
- Utility to create tbd's off dylibs☆77Nov 4, 2020Updated 5 years ago