tjkr0wn/xnu_gym external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tjkr0wn/xnu_gym

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tjkr0wn/xnu_gym)

Close

tjkr0wn / xnu_gymView on GitHubMore

• External links
• Readme badge

xnu_gym is a pongoOS module that patches XNU to reintroduce previously known and patched vulnerabilities. This is an easy way to practice kernel exploitation and jailbreak development!

☆57Jun 17, 2021Updated 4 years ago

Alternatives and similar repositories for xnu_gym

Users that are interested in xnu_gym are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• matteyeux / sepfw-loader

  View on GitHub
  Binary Ninja loader for A12 SEP firmware
  ☆29Feb 4, 2021Updated 5 years ago
• EliseZeroTwo / iBoot-Binja-Loader

  View on GitHub
  iBoot/SecureROM Loader
  ☆35Feb 24, 2023Updated 3 years ago
• NyanSatan / StarInjector

  View on GitHub
  Writes to nand_llb and triggers the Image3 SHSH overlap bug
  ☆14Dec 2, 2023Updated 2 years ago
• matteyeux / binja-import-header

  View on GitHub
  Small binja plugin to import header file to types
  ☆18Nov 11, 2022Updated 3 years ago
• blacktop / darwin-webkit-build

  View on GitHub
  WebKit/JSC CodeQL Databases
  ☆17Dec 15, 2025Updated 3 months ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• BlackwingHQ / iBoot64Binja

  View on GitHub
  Binary View plugin for reverse engineering iBoot like binaries with Binary Ninja
  ☆55Jan 25, 2024Updated 2 years ago
• Proteas / sep-misc-A10-14.1-18A8395

  View on GitHub
  some research results of sep
  ☆20Apr 9, 2021Updated 4 years ago
• xsscx / ios-arm-research

  View on GitHub
  UPDATED: All the action is at https://github.com/xsscx/srd
  ☆13Jul 12, 2021Updated 4 years ago
• matteyeux / seprom-loader

  View on GitHub
  Binary Ninja loader for 64 bits Apple SEPROMs
  ☆59Sep 7, 2025Updated 6 months ago
• haiyuidesu / iBoot64Finder

  View on GitHub
  Find some iBoot functions in an iBoot64.
  ☆40Feb 10, 2021Updated 5 years ago
• galli-leo / emmutaler

  View on GitHub
  A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
  ☆165Sep 18, 2021Updated 4 years ago
• iBoot32 / PwnBoot

  View on GitHub
  An Open-Source Work-In-Progress iOS 6 Jailbreak Using a Custom Ramdisk
  ☆11May 13, 2022Updated 3 years ago
• travisgoodspeed / symgrate2-binja-plugin

  View on GitHub
  A plugin for Binary Ninja to query the Symgrate2 database.
  ☆14Sep 11, 2021Updated 4 years ago
• c0ntextomy / c0ntextomy

  View on GitHub
  CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same networ…
  ☆74Sep 23, 2020Updated 5 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• jonpalmisc / respawn

  View on GitHub
  Experimentation environment for checkm8-vulnerable devices
  ☆57Dec 30, 2023Updated 2 years ago
• haiyuidesu / iBoot64Patcher

  View on GitHub
  Patch the iBoot64 with generic patches.
  ☆52Mar 19, 2024Updated 2 years ago
• JRHeaton / restored_pwn

  View on GitHub
  Open source version of Apple's restored_external on the iPhone restore ramdisk
  ☆15Jun 2, 2010Updated 15 years ago
• Proteas / a7-sep-bug

  View on GitHub
  a7 sep bug
  ☆55Sep 26, 2023Updated 2 years ago
• Billy-Ellis / kobject

  View on GitHub
  A tool to pull C++ object names from kernel memory
  ☆16Aug 13, 2021Updated 4 years ago
• dora2ios / ramdiskF_maker

  View on GitHub
  for 32-bit iboot bug on ios 7
  ☆18Mar 11, 2020Updated 6 years ago
• jsherman212 / svc_stalker

  View on GitHub
  iOS system call/Mach trap interception for checkra1n'able devices
  ☆159Aug 10, 2021Updated 4 years ago
• citruz / pongoOS-QEMU

  View on GitHub
  Fork of PongoOS which can be run in QEMU
  ☆70Jun 7, 2021Updated 4 years ago
• JonathanSeals / Ancient-iBoot-Fun

  View on GitHub
  iOS 5.x iBoot fun for the whole family!
  ☆43Apr 23, 2020Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• exploit3dguy / asr64_patcher

  View on GitHub
  Easily patch ASR on 64-bit devices.
  ☆20Jun 24, 2021Updated 4 years ago
• NyanSatan / checkm8_bootkit

  View on GitHub
  Boot arbitrary iBoot via ipwndfu's custom protocol on 32-bit platforms (and more)
  ☆65Dec 21, 2025Updated 3 months ago
• OpenJailbreak / oob_timstamp_ppl

  View on GitHub
  ☆16Jul 30, 2020Updated 5 years ago
• m1stadev / ios-tools

  View on GitHub
  Python tools of varying usefulness related to iOS jailbreaking.
  ☆29Jan 6, 2022Updated 4 years ago
• yrp604 / bad64

  View on GitHub
  Binja Arm64 Disassembler
  ☆102Feb 10, 2026Updated last month
• m1stadev / eyepatch

  View on GitHub
  An *OS bootchain patching library.
  ☆15Updated this week
• rA9stuff / ezDFU

  View on GitHub
  A quick way to sign iBSS - iBEC and upload it to device
  ☆19Feb 7, 2020Updated 6 years ago
• OpenJailbreak / sudochop

  View on GitHub
  iOS Userland Forensic Dumping Framework for iOS 7/8
  ☆20Oct 30, 2018Updated 7 years ago
• Spacecraft-NX / BootloaderUpdater

  View on GitHub
  ☆13Dec 5, 2020Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• seemoo-lab / apple_u1

  View on GitHub
  ☆42Aug 5, 2021Updated 4 years ago
• miniexploit / pyipatcher

  View on GitHub
  iOS bootchain patchers in Python
  ☆13Jan 23, 2024Updated 2 years ago
• jsherman212 / xnuspy

  View on GitHub
  an iOS kernel function hooking framework for checkra1n'able devices
  ☆589Oct 6, 2021Updated 4 years ago
• dayt0n / kairos

  View on GitHub
  64-bit iOS boot image patcher written in C
  ☆146Sep 18, 2022Updated 3 years ago
• matteyeux / ida-iboot-loader

  View on GitHub
  IDA loader for Apple's 64 bits iBoot, SecureROM and AVPBooter
  ☆164Nov 2, 2024Updated last year
• Siguza / iokit-utils

  View on GitHub
  Dev tools for probing IOKit
  ☆202Sep 23, 2023Updated 2 years ago
• Synacktiv-contrib / lightspeed

  View on GitHub
  PoC for the iOS 11.4.1 and MacOS 10.13 kernel vulnerability in lio_listio
  ☆78Oct 31, 2018Updated 7 years ago