tjkr0wn/xnu_gym external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tjkr0wn/xnu_gym

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tjkr0wn/xnu_gym)

Close

tjkr0wn / xnu_gymView on GitHubMore

• External links
• Readme badge

xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice kernel exploitation and jailbreak development!

☆59Jun 17, 2021Updated 5 years ago

Alternatives and similar repositories for xnu_gym

Users that are interested in xnu_gym are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• matteyeux / sepfw-loader

  View on GitHub
  Binary Ninja loader for A12 SEP firmware
  ☆30Feb 4, 2021Updated 5 years ago
• EliseZeroTwo / iBoot-Binja-Loader

  View on GitHub
  iBoot/SecureROM Loader
  ☆35Feb 24, 2023Updated 3 years ago
• NyanSatan / StarInjector

  View on GitHub
  Writes to nand_llb and triggers the Image3 SHSH overlap bug
  ☆14Dec 2, 2023Updated 2 years ago
• matteyeux / binja-import-header

  View on GitHub
  Small binja plugin to import header file to types
  ☆17Nov 11, 2022Updated 3 years ago
• blacktop / darwin-webkit-build

  View on GitHub
  WebKit/JSC CodeQL Databases
  ☆17Dec 15, 2025Updated 6 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• BlackwingHQ / iBoot64Binja

  View on GitHub
  Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja
  ☆56Jan 25, 2024Updated 2 years ago
• Proteas / sep-misc-A10-14.1-18A8395

  View on GitHub
  some research results of sep
  ☆20Apr 9, 2021Updated 5 years ago
• xsscx / ios-arm-research

  View on GitHub
  UPDATED: All the action is at https://github.com/xsscx/srd
  ☆12Jul 12, 2021Updated 4 years ago
• matteyeux / seprom-loader

  View on GitHub
  Binary Ninja loader for 64 bits Apple SEPROMs
  ☆60Sep 7, 2025Updated 9 months ago
• haiyuidesu / iBoot64Finder

  View on GitHub
  Find some iBoot functions in an iBoot64.
  ☆40Feb 10, 2021Updated 5 years ago
• galli-leo / emmutaler

  View on GitHub
  A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
  ☆169Sep 18, 2021Updated 4 years ago
• iBoot32 / PwnBoot

  View on GitHub
  An Open-Source Work-In-Progress iOS 6 Jailbreak Using a Custom Ramdisk
  ☆11May 13, 2022Updated 4 years ago
• travisgoodspeed / symgrate2-binja-plugin

  View on GitHub
  A plugin for Binary Ninja to query the Symgrate2 database.
  ☆14Sep 11, 2021Updated 4 years ago
• c0ntextomy / c0ntextomy

  View on GitHub
  CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same networ…
  ☆73Sep 23, 2020Updated 5 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• jonpalmisc / respawn

  View on GitHub
  Experimentation environment for checkm8-vulnerable devices
  ☆57Dec 30, 2023Updated 2 years ago
• haiyuidesu / iBoot64Patcher

  View on GitHub
  Patch the iBoot64 with generic patches.
  ☆53Mar 19, 2024Updated 2 years ago
• JRHeaton / restored_pwn

  View on GitHub
  Open source version of Apple's restored_external on the iPhone restore ramdisk
  ☆15Jun 2, 2010Updated 16 years ago
• Proteas / a7-sep-bug

  View on GitHub
  a7 sep bug
  ☆54Sep 26, 2023Updated 2 years ago
• Billy-Ellis / kobject

  View on GitHub
  A tool to pull C++ object names from kernel memory
  ☆16Aug 13, 2021Updated 4 years ago
• dora2ios / ramdiskF_maker

  View on GitHub
  for 32-bit iboot bug on ios 7
  ☆17Mar 11, 2020Updated 6 years ago
• jsherman212 / svc_stalker

  View on GitHub
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆162Aug 10, 2021Updated 4 years ago
• citruz / pongoOS-QEMU

  View on GitHub
  Fork of PongoOS which can be run in QEMU
  ☆69Jun 7, 2021Updated 5 years ago
• JonathanSeals / Ancient-iBoot-Fun

  View on GitHub
  iOS 5.x iBoot fun for the whole family!
  ☆42Apr 23, 2020Updated 6 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• exploit3dguy / asr64_patcher

  View on GitHub
  Easily patch ASR on 64-bit devices.
  ☆21Jun 24, 2021Updated 4 years ago
• OpenJailbreak / oob_timstamp_ppl

  View on GitHub
  ☆16Jul 30, 2020Updated 5 years ago
• NyanSatan / checkm8_bootkit

  View on GitHub
  Boot arbitrary iBoot via ipwndfu's custom protocol on 32-bit platforms (and more)
  ☆69Dec 21, 2025Updated 5 months ago
• m1stadev / ios-tools

  View on GitHub
  Python tools of varying usefulness related to iOS jailbreaking.
  ☆30Jan 6, 2022Updated 4 years ago
• yrp604 / bad64

  View on GitHub
  Binja Arm64 Disassembler
  ☆105Feb 10, 2026Updated 4 months ago
• rA9stuff / ezDFU

  View on GitHub
  A quick way to sign iBSS - iBEC and upload it to device
  ☆18Feb 7, 2020Updated 6 years ago
• m1stadev / eyepatch

  View on GitHub
  An *OS bootchain patching library.
  ☆16Updated this week
• OpenJailbreak / sudochop

  View on GitHub
  iOS Userland Forensic Dumping Framework for iOS 7/8
  ☆21Apr 4, 2026Updated 2 months ago
• seemoo-lab / apple_u1

  View on GitHub
  ☆42Aug 5, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Spacecraft-NX / BootloaderUpdater

  View on GitHub
  ☆13Dec 5, 2020Updated 5 years ago
• miniexploit / pyipatcher

  View on GitHub
  iOS bootchain patchers in Python
  ☆14Jan 23, 2024Updated 2 years ago
• jsherman212 / xnuspy

  View on GitHub
  an iOS kernel function hooking framework for checkra1n'able devices
  ☆594Oct 6, 2021Updated 4 years ago
• dayt0n / kairos

  View on GitHub
  64-bit iOS boot image patcher written in C
  ☆147Sep 18, 2022Updated 3 years ago
• matteyeux / ida-iboot-loader

  View on GitHub
  IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
  ☆169Nov 2, 2024Updated last year
• Siguza / iokit-utils

  View on GitHub
  Dev tools for probing IOKit
  ☆204Sep 23, 2023Updated 2 years ago
• Synacktiv-contrib / lightspeed

  View on GitHub
  PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio
  ☆78Oct 31, 2018Updated 7 years ago