zhuowei / CoreTrustDemo
Proof-of-concept for CVE-2022-26766 on macOS 12.3.1
☆84Updated 2 years ago
Alternatives and similar repositories for CoreTrustDemo:
Users that are interested in CoreTrustDemo are comparing it to the libraries listed below
- iOS 15.0 - 15.3.1 sandbox escape technique using kernel read/write primitives☆125Updated 2 years ago
- ☆67Updated 2 years ago
- Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition☆64Updated 2 years ago
- kfd, short for kernel file descriptor, is a project to read and write kernel memory on Apple devices.☆82Updated 10 months ago
- ☆21Updated 2 years ago
- A test app to check if your device is vulnerable to CVE-2021-30955☆19Updated last year
- Tool for getting and setting nonce without triggering KPP/KTRR/PAC.☆114Updated last year
- A checkm8 utility for A7-A11 devices☆66Updated 10 months ago
- iOS firmware key decrypter☆45Updated last year
- A arm offsetfinder. It finds offsets, patches, parses Mach-O and even supports IMG4/IMG3☆145Updated 6 months ago
- CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)☆48Updated 2 years ago
- ☆118Updated 2 years ago
- Collection of my bugs and CVE, with PoC or writeup☆49Updated 11 months ago
- Exploit for CVE-2021-30807☆131Updated 3 years ago
- ☆71Updated 9 months ago
- iOS15.0-15.1 arm64e only☆49Updated 2 years ago
- Interact with trustcaches☆40Updated 2 years ago
- vnodebypass using hidePath of jelbrekLib(Jakeashacks) and maphys (0x7ff) + special thanks to akusio☆68Updated 2 years ago
- 32/64 bit SecureROM/iBoot loader for IDA Pro. Also supports loading and decrypting encrypted .im4ps within IDA.☆73Updated 3 years ago
- Securely extend the sandbox of system processes and user applications☆89Updated 6 months ago
- iOS 12.0-13.3 tfp0☆151Updated 4 years ago
- Checkm8 PoC tool for A8, A8X and A9 devices that allows you to boot untrusted images (macOS only, credits: checkra1n team).☆88Updated 3 years ago
- Untethered + Unsandboxed code execution haxx as root on iOS 14 - iOS 14.8.1.☆168Updated last year
- WIP iOS 11 - 12.2 & 13b1,b2 Safari Jailbreak☆44Updated 4 years ago
- Fast iOS executable dumper, Supporting TrollStore!☆64Updated 2 years ago
- Python adaptation for pelara1n☆37Updated 2 years ago
- Easily download the kernelcache for any iOS release, beta or OTA-only version.☆17Updated 6 months ago
- A custom shellcode hook for checkra1n 0.1337 written in c!☆38Updated last year
- ☆185Updated 2 years ago
- Utilities to deploy frida on rootless iOS and more☆122Updated 6 months ago