This repository started out as a learning in public project for myself and has now become a structured learning map for many in the community. We have 3 years under our belt covering all things Dev…

CVE-2020-9992 - A design flaw in MobileDevice.framework/Xcode and iOS/iPadOS/tvOS Development Tools allows an attacker in the same network to gain remote code execution on a target device

Splunk Technology Add-On (TA) for collecting ETW events from Windows systems

A fuzzer for the iOS kernel and userland

Apple hardware secrets

ios iokit fuzzer (really probably isn't that useful anymore tbh)

collection of verified Linux kernel exploits

My Chrome and Safari exploit code + write-up repo

Ghidra is a software reverse engineering (SRE) framework

Mapping physical memory to user space (EL0) on iOS.

iOS 10.0-12.2 tfp0

Awesome-Cellular-Hacking

Scalable fuzzing infrastructure.

powerd exploit : Sandbox escape to root for Apple iOS < 12.2 on A11 devices

Transform any ARM macho executable to a dynamic library

Native lldb 6.0.0 for iOS

dump encrypt iOS app (include Frameworks)

Unofficial fork from saurik git repository git:https://git.saurik.com/ldid.git

call functions in a remote process using Mach API

Reversing the Apple sandbox

image4 vfs

meine kleine rop compiler, circa 2012

getf tfp0 on iOS 12.0 - 12.1.2

Checks macOS for Kernel Task Port. It may help detect intrusive kexts that would leak the kernel task.

You don't need to be as fast as lightspeed, but a run on a treadm1ll surely doesn't hurt.

Obtains the kernel task port and establishes a kernel function calling primitive on the iPhone XS, iPhone XR, and iPhone 8 running iOS 12.1.2