Skip to content

geeksniper/reverse-engineering-toolkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 

Repository files navigation

Reverse-Engineering-toolkit

  • Reverse Engineering Resource Collection. 3500+ open source tools, 2300+ blog posts.

Directory

IDA

Tools

  • Mainly from Github

Recent Add

No Category

  • [1058Star][17d] [Py] fireeye/flare-ida Multiple IDA plugins and IDAPython scripts

    • StackStrings recovery of manually constructed strings described here
    • Struct Typer implements the struct typing described here
    • ApplyCalleeType specify or choose a function type for indirect calls as described here
    • argtracker identify static arguments to functions used within a program
    • idb2pat generate function patterns from an existing IDB database that can then be turned into FLIRT signatures to help identify similar functions in new files. more info
    • objc2_analyzer creates cross-references between selector references and their implementations as defined in the Objective-C runtime related sections of the target Mach-O executable
    • MSDN Annotations adds MSDN information from a XML file to the IDB database. more info
    • ironstrings uses code emulation to recover constructed strings (stackstrings) from malware
    • Shellcode Hashes create the database for hash search described in here

  • [737Star][7m] [Py] devttys0/ida Collection of IDA Python plugins/scripts/modules.

    • wpsearch Searches for immediate values commonly founds in MIPS WPS checksum implementations.
    • md5hash A sample implementation of MD5 in pure Python
    • alleycat Finds paths to a given code block inside a function; Finds paths between two or more functions; Generates interactive call graphs
    • codatify Defines ASCII-strings/functions/code that IDA's auto analysis missed; Converts all undefined bytes in the data segment into DWORDs
    • fluorescence Un/highlights function call instructions
    • leafblower Assists in identifying standard POSIX functions in MIPS/ARM code.
    • localxrefs Finds references to any selected text from within the current function
    • mipslocalvars Names stack variables used by the compiler for storing registers on the stack, simplifying stack data analysis (MIPS only)
    • mipsrop Allows you to search for suitable ROP gadgets in MIPS executable code; Built-in methods to search for common ROP gadgets
    • rizzo Identifies and re-names functions between two or more IDBs

  • [318Star][2m] [C] ohjeongwook/darungrim A patch analysis tool

  • [312Star][1y] [C++] nevermoe/unity_metadata_loader load strings and method/class names in global-metadata.dat to IDA

  • [277Star][4m] [Py] jpcertcc/aa-tools Multiple RE plugins and scripts

  • [114Star][1y] [Py] vallejocc/reverse-engineering-arsenal Useful Scripts for helping in reverse engeenering

    • WinDbg WinDBG script collection
    • IDA-set_symbols_for_addresses asks you for a file containing pairs address - symbol. It walks all segments searching for DWORDs matching the addresses of the given file of pairs address - symbols, and it will name the variable containing the address with the symbol name
    • IDA-stack_strings_deobfuscator_1 Some malware families construct strings into the stack
    • RevealPE

  • [80Star][4m] [Py] takahiroharuyama/ida_haru scripts for IDA Pro

    • bindiff BinDiff wrapper script for multiple binary diffing
    • eset_crackme IDA Pro loader/processor modules for ESET CrackMe driver VM
    • fn_fuzzy IDAPython script for fast multiple binary diffing triage
    • stackstring_static IDAPython script statically-recovering strings constructed in stack

  • [75Star][10m] [Py] secrary/ida-scripts IDAPro scripts/plugins

    • dumpDyn IDAPython plugin(script) which saves comments, names, breakpoints, functions from one execution to another.
    • idenLib Library Function Identification
    • IOCTL_decode Windows Device IO Control Code
    • XORCheck check xor

  • [60Star][2y] [Py] tmr232/idabuddy a reverse-engineer's best friend. Designed to be everything Clippy the Office Assistant was, and more!

  • [59Star][2y] [C++] alexhude/loadprocconfig IDA Plugin to load processor configuration files.

  • [59Star][2m] [Py] williballenthin/idawilli IDA Pro resources, scripts, and configurations

    • hint_calls IDA plugin to display the calls and strings referenced by a function as hints.
    • dynamic_hints an example plugin that demonstrates how to provide custom hints with dynamic data.
    • add_segment IDAPython plugin that adds the contents of a file as a new segment in an existing idb
    • color IDAPython script that colors instructions
    • find_ptrs IDAPython script that scans through the .text section for values that could be pointers (32-bit).
    • yara_fn IDAPython script that generates a YARA rule to match against the basic blocks of the current function
    • idawilli a python module that contains utilities for working with the idapython scripting interface.
    • themes colors and skins

  • [58Star][20d] [Py] lich4/personal_script 010Editor/BurpSuite/Frida/IDA tools and scripts collection

    • Also In Section: IDA->Tools->Import Export->Frida |DBI->Frida->Tools->Recent Add |
    • 010Editor 010Editor scripts
    • ParamChecker Burp插件
    • Frida Frida Scripts
    • IDA IDA Scripts
    • IDA-read_unicode.py When there is chinese unicode character in programe, due to python's shortage, ida could not recongnized them correctly, it's what my script just do
    • IDA-add_xref_for_macho When you deal with macho file with ida, you'll find out that it's not easy to find Objc-Class member function's caller and callee, (because it use msgSend instead of direct calling convention), so we need to make some connection between the selector names and member function pointers, it's what my script just do
    • IDA-add_info_for_androidgdb When you debug android with IDA and gdbserver, you'd find that the module list and segment is empy, while we can read info from /proc/[pid]/,
    • IDA-trace_instruction this script is to trace instruction stream in one run
    • IDA-detect_ollvm this script is to detect ollvm and fix it in some extent, apply to android and ios
    • IDA-add_block_for_macho this script is used to analysis block structure exist in macho file, target NSConcreteStackBlock/NSConcreteGlobalBlock currently, also contain some wonderful skills

  • [54Star][1y] [Py] zardus/idalink idalink arose of the need to easily use IDA's API for analysis without wanting to be stuck in the IDA interface

  • [52Star][3y] [C++] sektioneins/wwcd Capstone powered IDA view

  • [51Star][2y] [Py] cseagle/ida_clemency IDA cLEMENCy Tools

    • clemency_ldr IDA loader module to create the basic memory layout and handle the loading of 9-bit, middle-endian, cLEMENCy executables.
    • clemency_proc IDA processor module to handle disassembly and assembly tasks
    • clemency_dump IDA plugin to allow for dumping modified database content back to a packed 9-bit, middle-endian file
    • clemency_fix IDA plugin to assist with fixing up poorly disassembled functions that might branch/call into regions that continue to be marked as data blocks.

  • [49Star][12m] [Py] agustingianni/utilities Uncategorized utilities

    • DumpFunctionBytes dumps the current function (you need to position the cursor on the start of the function) as a shellcode. It does a very limited analysis of the function in order to let you know that you need to fix call sites to functions
    • func_references print all the function calls to a given function. This is generally used to look for calls to malloc like function
    • arm_frequency takes as input the output of objdump on an ARM binary. It will show the ammount of times every instruction was used, sorted by the most used ones.
    • struct_hint infer what's the underlying structure used by a function. Highly heuristic. Don't trust it blindly, just try to use what it gives you and work from that.
    • string_finder Utility to find all the strings inside an ill formed IDA Database
    • simple_jack Simple Jack symbol porting tool by goose
    • renamer Rename files in a directory to its sha1 sum plus an extension.
    • prolog_finder Find potential ARM procedures prolog
    • minset Tool to calculate the minimum set of files that have approximatelly the best coverage.
    • mark_interesting Small idapython script that finds all the signed comparisions and marks them with a color.
    • machofinder Hacky script to gather all the mach-o file (and fat).
    • find_hardref Script to find hardcoded references inside an IDA database.

  • [47Star][4y] [Py] jjo-sec/idataco IDATACO IDA Pro Plugin

  • [46Star][7y] [Py] carlosgprado/milf An IDA Pro swiss army knife

    • milf Some useful methods in vulnerability discovery

  • [42Star][4y] [C++] nihilus/guid-finder find GUID/UUIDs

  • [40Star][7m] [Visual Basic .NET] dzzie/re_plugins misc reverse engineering plugins

    • IDASrvr wm_copydata IPC server running in IDA. allows you to send commands to IDA from another process to query data and control interface display
    • IDA_JScript Script IDA in Javascript
    • IDA_JScript_w_DukDbg same as IDA_JScript, but using the dukdbg.ocx as full on javascript debugger
    • IDASrvr2 support x64
    • IdaUdpBridge this replaces the udp command socket in idavbscript which was crashy
    • IdaVbScript ton of small tools for IDA all thrown into one interface
    • OllySrvr wm_copydata IPC server running in olly
    • Olly_hittrace You set breakpoints in the UI and it will then run the app automating it and logging which ones were hit.
    • Olly_module_bpx allow you to set breakpoints within modules which have not yet been loaded.
    • Olly_vbscript vbscript automation capability for olly including working across breakpoint events.
    • PyIDAServer experiment to test a python based IPC server running in IDA that remote process clients can control and query IDA with.
    • Wingraph32 This is another experiment at a wingraph32 replacement for ida. This one has more features to hide nodes, and can also navigate IDA to the selected function when you click on it in the graph.
    • rabc_gui this is a GUI front end for RABCDAsm to disasm, reasm, and reinsert modified script blocks back into flash files.
    • swfdump_gui when run against a target swf, it will create a decompressed version of the swf and a .txt disasm log file these files will be cached and used on subsequent loads. if you wish to start over from scratch use the tools->delete cached * options.
    • gleegraph a quick Wingraph32/qwingraph replacement that has some extra features such as being able to navigate IDA to the selected nodes when they are clicked on in graph view, as well as being able to rename the selected node from the graph, or adding a prefix to all child nodes below it.
    • hidden_strings scans for strings being build up in char arrays at runtime to hide from traditional strings output
    • memdump_conglomerate reads a folder full of memory dumps and puts them all into a single dll husk so they will disassemble at the proper offsets.
    • memdump_embedder takes a memory dump and embeds it into a dummy dll husk so that you can disassemble it at the target base address without having to manually reset it everytime
    • rtf_hexconvert small tool to extract hex strings from a rtf document and show them in a listview. click on listitem to see decoded data in a hexeditor pane where you can save it
    • uGrapher rename real wingraph32.exe to _wingraph.exe and put this one in its place.
    • wininet_hooks httpsendhook.dll hooks the following wininet api calls:HttpOpenRequest,InternetConnect,InternetReadFile,InternetCrackUrl,HttpSendRequest

  • [40Star][2y] [Py] mxmssh/idametrics static software complexity metrics collection

  • [38Star][2y] [Py] saelo/ida_scripts Collection of IDA scripts

    • kernelcache Identify and rename function stubs (plt entries) in an iOS kernelcache. ARM64 only.
    • ssdt Resolve syscall table entries in the Windows kernel.

  • [34Star][4y] [Py] madsc13ntist/idapython My collection of IDAPython scripts.(No Documentation)

  • [32Star][5y] [Py] iphelix/ida-pomidor a productivity plugin for Hex-Ray's IDA Pro disassembler.

  • [28Star][1y] [Py] xyzz/vita-ida-physdump help with physical memory dump reversing

  • [27Star][1y] [Py] daniel_plohmann/simplifire.idascope An IDA Pro extension for easier (malware) reverse engineering

  • [27Star][6m] [Py] enovella/re-scripts IDA, Ghidra and Radare2 scripts(no documentation)

  • [26Star][5y] [Py] bastkerg/recomp IDA recompiler(No Documentation)

  • [26Star][8m] [C++] offlinej/ida-rpc Discord rich presence plugin for IDA Pro 7.0

  • [25Star][3y] [Py] zyantific/continuum Plugin adding multi-binary project support to IDA Pro (WIP)

  • [23Star][3m] [Py] rceninja/re-scripts

    • Hyperv-Scripts
    • IA32-MSR-Decoder an IDA script which helps you to find and decode all MSR codes inside binary files
    • IA32-VMX-Helper an IDA script (Updated IA32 MSR Decoder) which helps you to find and decode all MSR/VMCS codes inside binary files

  • [23Star][10m] [C++] trojancyborg/ida_jni_rename IDA JNI clal rename

  • [22Star][5y] [Py] nihilus/idascope An IDA Pro extension for easier (malware) reverse engineering(Bitbucket has newer version)

  • [22Star][4m] [Py] nlitsme/idascripts IDApro idc and idapython script collection

  • [22Star][4y] [Py] onethawt/idapyscripts IDAPython scripts

    • DataXrefCounter A small IDAPython plugin which enumerates all of the the x-references in a specific segment and counts the frequency of usage

  • [22Star][3y] [C++] patois/idaplugins Random IDA scripts, plugins, example code (some of it may be old and not working anymore)

  • [20Star][1y] [Py] hyuunnn/ida_python_scripts IDAPython scripts(No Documentation)

  • [20Star][2y] [C#] zoebear/radia create an interactive and immerse environment to visualize code, and to augment the task of reverse engineering binaries

  • [20Star][3y] [Py] ztrix/idascript Full functional idascript with stdin/stdout handled

  • [20Star][1y] [Py] hyuunnn/ida_python_scripts ida python scripts

  • [20Star][2m] [Py] mephi42/ida-kallsyms (No Doc)

  • [19Star][1y] [Py] a1ext/ida-embed-arch-disasm Allows you to disassemble x86-64 code (like inlined WOW64 one) while you using 32-bit IDA database

  • [19Star][9m] [Py] yellowbyte/reverse-engineering-playground Scripts I made to aid me in everyday reversing or just for fun.

    • idapython-scripts
    • IDA-ARMdetect Identifies all sections in a ARM binary that is setting up (writing to) a pin, reading a pin (using the pin as input pin), or interfacing with other devices on the board using I2C
    • IDA-CCCheck The 0xCC byte is the byte representing int 3, or software breakpoint. When you make a software breakpoint on an instruction, the debugger replaces the first byte of the instruction to 0xCC.
    • IDA-Deobfuscate directly patch the bytes in IDA so IDA will show the correct deobfuscated listing rather than writing the deobfuscated listing to a separate file
    • IDA-FindMain automatically find and rename main as "main" and then move cursor position in IDA's disassembly listing to beginning of main.(In a stripped ELF executable, IDA will not be able to identify main)
    • IDA-intCheck Interrupts are either generated by external sources, such as I/O devices, or by processor-detected exceptions in the running code
    • IDA-JccFlip Changes a jcc instruction to its opposite representation.
    • IDA-LocFuncAnalyzer In a stripped ELF binary, local functions are deprived of its original name. This is why local functions are not usually the starting point when doing analysis since without its original name, all local functions look exactly the same as one another. This script aims to change that
    • IDA-MalCheck Checks an executable for usage of API that has a high chance of being used maliciously or for anti-reversing purposes such as IsDebuggerPresent
    • IDA-NopSled Either convert the instructions that user select/highlight or the instruction that the mouse cursor is on to NOPs
    • IDA-RdtscCheck rdtsc instruction puts the number of ticks since the last system reboot in EDX:EAX
    • file_format_hacks File Format Hacks
    • file_analysis
    • shellcode_analysis Shellcode Analysis

  • [17Star][1y] [Py] honeybadger1613/etm_displayer IDA Pro плагин для отображения результата Coresight ETM трассировки perf'а

  • [16Star][5y] fabi/idacsharp C# 'Scripts' for IDA 6.6+ based on

  • [15Star][8m] [CMake] google/idaidle a plugin for the commercial IDA Pro disassembler that warns users if they leave their instance idling for too long

  • [14Star][4y] [C++] nihilus/fast_idb2sig_and_loadmap_ida_plugins ida plugins

    • LoadMap An IDA plugin, which loads a VC/Borland/Dede map file into IDA 4.5
    • idb2sig

  • [13Star][2y] [Py] cisco-talos/pdata_check identify unusual runtimes based on the pdata section and the last instruction of the runtime function

  • [13Star][1y] [C++] nihilus/graphslick IDA Plugin - GraphSlick

  • [13Star][1y] [Py] cxm95/ida_wrapper An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

  • [12Star][1y] [Assembly] gabrielravier/cave-story-decompilation Decompilation of Cave Story. Can be opened with IDA Pro (freeware and pro version).

  • [11Star][2y] [Py] 0xddaa/iddaa idapython scripts

  • [11Star][5y] [Py] dshikashio/idarest Expose some basic IDA Pro interactions through a REST API for JSONP

  • [11Star][10m] [C++] ecx86/ida7-supportlib IDA-SupportLib library by sirmabus, ported to IDA 7

  • [10Star][4y] [C++] revel8n/spu3dbg Ida Pro debugger module for the anergistic SPU emulator.

  • [9Star][4y] [Py] nfarrar/ida-colorschemes A .clr colorscheme generator for IDA Pro 6.4+.

  • [9Star][2m] [C++] nlitsme/idcinternals investigate the internals of IDA

  • [9Star][5y] [Ruby] rogwfu/plympton Library to work with yaml exported IDA Pro information and run statistics

  • [9Star][9m] [Py] 0xcpu/relieve Scripts used for reverse engineering, malware analysis.

    • elfie display (basic) info about an ELF, similar to readelf.
    • elforensics check ELF for entry point hooks, RWX sections, CTORS & GOT & PLT hooks, function prologue trampolines.
    • dololi unfinished, the idea is to automatically generate an executable that calls exports from DLL(s).

  • [8Star][5y] [Py] daniel_plohmann/idapatchwork Stitching against malware families with IDA Pro

  • [8Star][2y] [C++] ecx86/ida7-segmentselect IDA-SegmentSelect library by sirmabus, ported to IDA 7

  • [8Star][2y] [Py] fireundubh/ida7-alleycat Alleycat plugin by devttys0, ported to IDA 7

  • [8Star][2m] [Py] lanhikari22/gba-ida-pseudo-terminal IDAPython tools to aid with analysis, disassembly and data extraction using IDA python commands, tailored for the GBA architecture at some parts

  • [8Star][3y] [Py] pwnslinger/ibt IDA Pro Back Tracer - Initial project toward automatic customized protocols structure extraction

  • [8Star][2y] [C++] shazar14/idadump An IDA Pro script to verify binaries found in a sample and write them to disk

  • [7Star][2y] [Py] swackhamer/ida_scripts IDAPython scripts(No Doc)

  • [7Star][10m] [Py] techbliss/ida_pro_http_ip_geolocator look up web addresses and resolve it to a ip and look it via google maps

  • [7Star][5y] [Py] techbliss/processor-changer change processor inside ida, No need to Reopen Ida Pro

  • [7Star][1y] [C++] tenable/mida an IDA plugin which extracts RPC interfaces and recreates the associated IDL file

  • [7Star][1y] [C++] ecx86/ida7-hexrays-invertif Hex-Rays Invert if statement plugin for IDA 7.0

  • [6Star][2y] [CMake] elemecca/cmake-ida This project provides CMake support for building IDA Pro modules.

  • [6Star][9m] [Py] geosn0w/dumpanywhere64 An IDA (Interactive Disassembler) script that can save a chunk of binary from an address.

  • [5Star][3y] [Py] andreafioraldi/idavshelp IDAPython plugin to integrate Visual Studio Help Viewer in IDA Pro >= 6.8.

  • [5Star][5m] [Py] fdiskyou/ida-plugins IDAPython scripts(No Documentation)

  • [5Star][3y] [Py] gh0st3rs/idassldump Simple IDAPython script for dump ssl traffic to file

  • [5Star][1y] [C++] lab313ru/m68k_fixer IDA Pro plugin fixer for m68k

  • [5Star][5y] [C#] npetrovski/ida-smartpatcher IDA apply patch GUI

  • [5Star][4y] [Py] tmr232/tarkus Plugin Manager for IDA Pro

  • [5Star][2y] abarbatei/ida-utils links, information and helper scripts for IDA Pro

  • [4Star][3m] [Py] gitmirar/idaextapi IDA API utlitites

  • [4Star][3y] [Py] hustlelabs/joseph IDA Viewer Plugins

  • [4Star][1y] savagedd/samp-server-idb

  • [4Star][3m] [Py] spigwitmer/golang_struct_builder IDA 7.0+ script that auto-generates structs and interfaces from runtime metadata found in golang binaries

  • [3Star][10m] [Py] gdataadvancedanalytics/ida-python Random assembly of IDA Python scripts

    • defineIAT written for the Trickbot sample with sha256 8F590AC32A7C7C0DDFBFA7A70E33EC0EE6EB8D88846DEFBDA6144FADCC23663A
    • stringDecryption written for the Trickbot sample with sha256 8F590AC32A7C7C0DDFBFA7A70E33EC0EE6EB8D88846DEFBDA6144FADCC23663A

  • [3Star][5y] [C++] nihilus/ida-x86emu x86 emulator

  • [3Star][2y] [Py] ypcrts/ida-pro-segments It's very hard to load multiple files in the IDA GUI without it exploding. This makes it easy.

  • [2Star][2y] [C++] ecx86/ida7-oggplayer IDA-OggPlayer library by sirmabus, ported to IDA 7

  • [2Star][2y] [Py] mayl8822/ida SearchGoogle

  • [2Star][4y] [Py] nihilus/idapatchwork Stitching against malware families with IDA Pro

  • [2Star][2y] [Py] sbouber/idaplugins

  • [2Star][2m] [Py] psxvoid/idapython-debugging-dynamic-enrichment

  • [1Star][2y] [Py] andreafioraldi/idamsdnhelp IdaPython plugin to open MSDN Search page

  • [1Star][1y] [Py] farzonl/idapropluginlab4 An ida pro plugin that tracks def use chains of a given x86 binary.

  • [1Star][3m] [Py] voidsec/ida-helpers Collection of IDA helpers

  • [0Star][3y] [Py] kcufid/my_ida_python My idapython decode data

  • [0Star][1y] [Py] ruipin/idapy Various IDAPython libraries and scripts

  • [0Star][9m] [Py] tkmru/idapython-scripts IDAPro scripts

Structure&&Class

No Category

C++ Class&&Virtual Table

  • [607Star][3m] [Py] 0xgalz/virtuailor IDAPython tool for C++ vtables reconstruction

    • Also In Section: IDA->Tools->Debug->Debugger Data |

      View Details

      静态部分:

      • 检测非直接调用
      • 利用条件断点, Hook非直接调用的值赋值过程

      动态 部分

      • 创建虚表结构
      • 重命名函数和虚表地址
      • 给反汇编非直接调用添加结构偏移
      • 给非直接调用到虚表之间添加交叉引用

      使用

      • File -> Script File -> Main.py(设置断点) -> IDA调试器执行

  • [171Star][10m] [C++] ecx86/classinformer-ida7 ClassInformer backported for IDA Pro 7.0

  • [130Star][2y] [Py] nccgroup/susanrtti Another RTTI Parsing IDA plugin

  • [90Star][1y] [C++] rub-syssec/marx Uncovering Class Hierarchies in C++ Programs

  • [69Star][7y] [C] nektra/vtbl-ida-pro-plugin Identifying Virtual Table Functions using VTBL IDA Pro Plugin + Deviare Hooking Engine

  • [35Star][5y] [C++] nihilus/ida_classinformer IDA ClassInformer PlugIn

  • [32Star][2y] [Py] krystalgamer/dec2struct Python plugin to easily setup vtables in IDA using declaration files

  • [16Star][2y] [C++] mwl4/ida_gcc_rtti Class informer plugin for IDA which supports parsing GCC RTTI

Collection

Skin&&Theme

Firmware&&Embed Device

  • [5228Star][2m] [Py] refirmlabs/binwalk a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
  • [492Star][5m] [Py] maddiestone/idapythonembeddedtoolkit a set of script to automate many of the steps associated with statically analyzing, or reverse engineering, the firmware of embedded devices in IDA Pro.
  • [177Star][2y] [Py] duo-labs/idapython a few Python modules developed for use with IDA Pro from the researchers at Duo Labs.
    • Also In Section: IDA->Tools->Apple->No Category |
    • cortex_m_firmware grooms an IDA Pro database containing firmware from an ARM Cortex M microcontroller.
    • amnesia an IDAPython module designed to use byte level heuristics to find ARM thumb instructions in undefined bytes in an IDA Pro database
    • REobjc an IDAPython module designed to make proper cross references between calling functions and called functions in Objective-C methods
  • [101Star][1m] [Py] pagalaxylab/vxhunter A ToolSet for VxWorks Based Embedded Device Analyses.

Signature(FLIRT...)&&Diff&&Match

No Category

FLIRT

FLIRT Signature Collection
FLIRT Signature Generate

Diff&&Match

  • [1554Star][13d] [Py] joxeankoret/diaphora program diffing
  • [360Star][1m] [Py] checkpointsw/karta source code assisted fast binary matching plugin for IDA
  • [332Star][1y] [Py] joxeankoret/pigaios A tool for matching and diffing source codes directly against binaries.
  • [135Star][1y] [Py] nirizr/rematch REmatch, a complete binary diffing framework that is free and strives to be open source and community driven.
  • [95Star][7m] [Visual Basic .NET] dzzie/idacompare a plugin for IDA which is designed to help you line up functions across two separate disassemblies
  • [73Star][4y] [C] nihilus/ida_signsrch IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool.
  • [72Star][5y] [Py] binsigma/binsourcerer Assembly to Source Code Matching Framework for IDA Pro.
  • [72Star][3y] vrtadmin/first Function Identification and Recovery Signature Tool
  • [52Star][5y] [C++] filcab/patchdiff2 IDA binary differ. Since code.google.com/p/patchdiff2/ seemed abandoned, I did the obvious thing…
  • [14Star][3y] [Py] 0x00ach/idadiff The script uses the @Heurs MACHOC algorithm (https://github.com/ANSSI-FR/polichombr) in order to build tiny CFG hashes of a source binary sample in IDA PRO
  • [14Star][5y] [C++] binsigma/binclone detecting code clones in malware

Yara

IDB

Collaborative RE

  • [508Star][11m] [Py] idarlingteam/idarling a collaborative reverse engineering plugin for IDA Pro and Hex-Rays
  • [258Star][1y] [C++] dga-mi-ssi/yaco a Hex-Rays IDA plugin enabling collaborative reverse-engineering on IDA databases for multiple users
  • [88Star][5y] [Py] cubicalabs/idasynergy IDA Plugin with svn integerted
  • [71Star][2m] [C++] cseagle/collabreate IDA Pro Collaboration/Synchronization Plugin
  • [4Star][2y] [Py] argussecurity/psida Python Scripts for IDA [by the Argus Research Team]

Sync With Debugger

Import Export&&Sync With Other Tools

No Category

Ghidra

BinNavi

BinaryNinja

Radare2

Frida

IntelPin

Specific Target

No Category

Loader&Processor

GoLang

Windows Driver

  • [306Star][1y] [Py] fsecurelabs/win_driver_plugin A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
  • [218Star][1y] [Py] nccgroup/driverbuddy IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  • [74Star][5y] [Py] tandasat/winioctldecoder IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.
  • [23Star][1y] [C] ioactive/kmdf_re Helper idapython code for reversing kmdf drivers

PS3&&PS4

PDB

Flash&&SWF

Malware Family

CTF

IDAPython

No Category

  • [720Star][15d] [Py] idapython/src IDAPython project for Hex-Ray's IDA Pro
  • [373Star][3m] [Py] tmr232/sark IDAPython Made Easy
  • [248Star][2y] [Py] intezer/docker-ida Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.
  • [82Star][4y] idapython/bin IDAPython binaries
  • [69Star][2y] [Py] alexander-hanel/idapython6to7
  • [43Star][1y] [Py] nirizr/pytest-idapro A pytest module for The Interactive Disassembler and IDAPython; Record and Replay IDAPython API, execute inside IDA or use mockups of IDAPython API.
  • [29Star][3y] [Py] kerrigan29a/idapython_virtualenv Enable Virtualenv or Conda in IDAPython
  • [23Star][3y] [Py] devttys0/idascript a wrapper around IDA Pro that makes it easy to automate the execution of IDA scripts against target files from the command line

Cheatsheets

Instruction Reference&&Doc

Script Writting

No Category

  • [393Star][3y] [Py] 36hours/idaemu an IDA Pro Plugin use for emulating code in IDA Pro.
  • [282Star][2m] [Py] fireeye/flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks
  • [137Star][26d] [Py] arizvisa/ida-minsc a plugin for IDA Pro that assists a user with scripting the IDAPython plugin that is bundled with the disassembler.
  • [104Star][1m] [Py] patois/idapyhelper IDAPyHelper is a script for the Interactive Disassembler that helps writing IDAPython scripts and plugins.
  • [74Star][5m] [C++] 0xeb/ida-qscripts An IDA plugin to increase productivity when developing scripts for IDA
  • [42Star][6m] [C++] 0xeb/ida-climacros Create and use macros in IDA's CLIs
  • [32Star][2y] [CMake] zyantific/ida-cmake IDA plugin CMake build-script
  • [22Star][1y] [Py] nirizr/idasix IDAPython compatibility library. idasix aims to create a smooth ida development process and allow a single codebase to function with multiple IDA/IDAPython versions
  • [4Star][8m] inndy/idapython-cheatsheet scripting IDA like a Pro

Qt

Console&&GUI

Template

Other Lang

Ancient

Debug&&Dynamic Data

No Category

DBI Data

Debugger Data

  • [607Star][3m] [Py] 0xgalz/virtuailor IDAPython tool for C++ vtables reconstruction

    • Also In Section: IDA->Tools->Structure->C++ Class |

      View Details

      静态部分:

      • 检测非直接调用
      • 利用条件断点, Hook非直接调用的值赋值过程

      动态 部分

      • 创建虚表结构
      • 重命名函数和虚表地址
      • 给反汇编非直接调用添加结构偏移
      • 给非直接调用到虚表之间添加交叉引用

      使用

      • File -> Script File -> Main.py(设置断点) -> IDA调试器执行

  • [386Star][5m] [Py] ynvb/die an IDA python plugin designed to enrich IDA`s static analysis with dynamic data

  • [380Star][4y] [Py] deresz/funcap IDA Pro script to add some useful runtime info to static analysis

  • [104Star][3y] [Py] c0demap/codemap a binary analysis tool for "run-trace visualization" provided as IDA plugin.

Decompiler&&AST

DeObfuscate

Nav&&Quick Access&&Graph&&Image

No Category

GUI Enhencement

Graph

  • [2569Star][6m] [Java] google/binnavi a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
  • [231Star][2y] [C++] fireeye/simplifygraph IDA Pro plugin to assist with complex graphs
  • [40Star][9m] [Py] rr-/ida-images Image preview plugin for IDA disassembler.

Search

Android

Apple&&macOS&&iXxx&&Objective-C&&SWift&&Mach-O

No Category

Kernel Cache

Mach-O

  • [47Star][8m] [C] gdbinit/extractmacho IDA plugin to extract Mach-O binaries located in the disassembly or data
  • [18Star][3y] [C] cocoahuke/iosdumpkernelfix This tool will help to fix the Mach-O header of iOS kernel which dump from the memory. So that IDA or function symbol-related tools can loaded function symbols of ios kernel correctly
  • [17Star][8y] [C] gdbinit/machoplugin IDA plugin to Display Mach-O headers

Swift

ELF

Microcode

Emulator

Part Of Other Tool

  • [1542Star][28d] [Py] lifting-bits/mcsema Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode
    • IDA7插件 用于反汇编二进制文件并生成控制流程图
    • IDA插件 用于反汇编二进制文件并生成控制流程图
    • Binja插件 用于反汇编二进制文件并生成控制流程图
    • mcsema
  • [421Star][1m] [C] mcgill-dmas/kam1n0-community a scalable assembly management and analysis platform
  • [27Star][4y] [Scheme] yifanlu/cgen CGEN with support for generating IDA Pro IDP modules
  • [23Star][2y] [Py] tintinweb/unbox a convenient one-click unpack and decompiler tool that wraps existing 3rd party applications like IDA Pro, JD-Cli, Dex2Src, and others to provide a convenient archiver liker command line interfaces to unpack and decompile various types of files

Vul

No Category

ROP

  • [54Star][3y] [Py] patois/drgadget IDAPython plugin for the Interactive Disassembler
  • [19Star][2y] [Py] lucasg/idarop ROP database plugin for IDA

Patch

Other

Function

No Category

Rename&&Prefix&&Tag

Nav&&Search

demangle

Taint Analysis&&Symbolic Execution

string

encrypt&&decrypt

Video&&Post

Recent Add

No Category

Tips&&Tricks

Series-Labeless Introduction

Series-Reversing With IDA From Scrach

Series-Using IDAPython To Make Your Life Easier

Original

ZH

Series-Reversing C Code With IDA

Tool&&Plugin&&Script

No Category

Loader&&Processor

With Other Tools

Translate-The IDA Pro Book

Translate-Reverse Engineering Code With IDA Pro

IDASelf

REPractice

No Category

Malware

Vuln Analysis&&Vuln Hunting

Microcode

AgainstIDA

Ghidra

Plugins&&Scripts

Ghidra

Recent Add

Specific Target

No Category

Loader&&Processor

Xbox

With Other Tools

No Category

Radare2

IDA

DBI

Debugger

Skin&&Theme

Script Writting

Other

Lang

Post&&Videos

RecentAdd1

Recent Add

Vuln

Vuln Analysis

No Category

Vuln Analysis&&Vuln Hunting

Malware

Other

Tips&&Tricks

Script Writting

x64dbg

Plugins&&Scripts

x64dbg

  • [34576Star][1m] [C++] x64dbg/x64dbg An open-source x64/x32 debugger for windows.

Recent Add

Post&&Videos

OllyDbg

Plugins&&Scripts

Recent Add

Post&&Videos

WinDBG

Plugins&&Scripts

Recent Add

Post&&Videos

Android

Tools

Recent Add

Recent Add1

HotFix

  • [14557Star][13d] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
  • [6684Star][3y] [C++] alibaba/andfix AndFix is a library that offer hot-fix for Android App.
  • [3462Star][27d] [Java] meituan-dianping/robust Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
  • [1117Star][6m] [Java] manbanggroup/phantom 唯一零 Hook 稳定占坑类 Android 热更新插件化方案

Package

  • [5080Star][2m] [Java] meituan-dianping/walle Android Signature V2 Scheme签名下的新一代渠道包打包神器

Collection

App

Xposed

  • [8756Star][2m] [Java] android-hacker/virtualxposed A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
  • [2559Star][7m] taichi-framework/taichi A framework to use Xposed module with or without Root/Unlock bootloader, supportting Android 5.0 ~ 10.0
  • [2034Star][12d] [Java] elderdrivers/edxposed Elder driver Xposed Framework.
  • [1726Star][1y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
  • [1655Star][2m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
  • [1494Star][2y] [Kotlin] gh0u1l5/wechatmagician WechatMagician is a Xposed module written in Kotlin, that allows you to completely control your Wechat.
  • [1296Star][2m] [Java] android-hacker/exposed A library to use Xposed without root or recovery(or modify system image etc..).
  • [839Star][5y] halfkiss/zjdroid Android app dynamic reverse tool based on Xposed framework.
  • [790Star][8m] [Java] blankeer/mdwechat 一个能让微信 Material Design 化的 Xposed 模块
  • [669Star][12d] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
  • [478Star][2m] [Java] tornaco/x-apm 应用管理 Xposed
  • [424Star][3y] [Makefile] mindmac/androideagleeye An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
  • [322Star][1y] [C] smartdone/dexdump 快速脱一代壳的xposed插件
  • [309Star][1m] bigsinger/androididchanger Xposed Module for Changing Android Device Info
  • [309Star][13d] [Java] ganyao114/sandvxposed Xposed environment without root (OS 5.0 - 10.0)
  • [283Star][2y] [C++] rovo89/android_art Android ART with modifications for the Xposed framework.
  • [214Star][1y] [Kotlin] paphonb/androidp-ify [Xposed] Use features introduced in Android P on your O+ Device!
  • [204Star][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
  • [127Star][2y] [Java] bmax121/budhook An Android hook framework written like Xposed,based on YAHFA.
  • [120Star][3y] [Java] rastapasta/pokemon-go-xposed
  • [79Star][4m] [Go] tillson/git-hound GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher.
  • [71Star][1m] [Java] lianglixin/sandvxposed Xposed environment without root (OS 5.0 - 10.0)
  • [64Star][10m] [FreeMarker] dvdandroid/xposedmoduletemplate Easily create a Xposed Module with Android Studio
  • [64Star][8d] uniking/dingding 免root远程钉钉打卡,支持wifi和gps定位,仅支持android系统。本项目出于学习目的,仅用于学习玩耍,请于24小时后自行删除。xposed, crack,package,dingtalk,remote control
  • [49Star][11m] [Py] hrkfdn/deckard Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks
  • [38Star][10m] [Java] egguncle/xposednavigationbar Xposed导航栏功能拓展模块
  • [36Star][8m] [Py] anantshri/ds_store_crawler_parser a parser + crawler for .DS_Store files exposed publically
  • [34Star][5y] [Java] wooyundota/intentmonitor Tool based xposed can monitor the android intents
  • [28Star][5y] [Java] mindmac/xposedautomation A demo to show how to install Xposed and enable Xposed based module automatically
  • [26Star][5y] [Java] twilightgod/malwarebuster This is a Xposed module. It helps to prevent malwares to register service/receiver which were disabled in My Android Tools before.

Pack&&Unpack

  • [1793Star][8m] [C++] wrbug/dumpdex Android unpack
  • [1620Star][3y] [Makefile] drizzlerisk/drizzledumper a memory-search-based Android unpack tool.
  • [1465Star][3m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
  • [1036Star][3y] [C++] zyq8709/dexhunter General Automatic Unpacking Tool for Android Dex Files
  • [811Star][4m] [C] strazzere/android-unpacker Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
  • [712Star][2m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
  • [366Star][3m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
  • [322Star][6m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages
  • [298Star][2y] [Shell] checkpointsw/android_unpacker A (hopefully) generic unpacker for packed Android apps.
  • [189Star][3y] [Py] drizzlerisk/tunpacker TUnpacker是一款Android脱壳工具
  • [187Star][3y] [Py] andy10101/apkdetecter Android Apk查壳工具及源代码
  • [148Star][3y] [Py] drizzlerisk/bunpacker BUnpacker是一款Android脱壳工具
  • [105Star][4y] [Java] liuyufei/sslkiller SSLKiller is used for killing SSL verification functions on Android client side. With SSLKiller, You can intercept app's HTTPS communication packages between the client and server.
  • [104Star][3y] [Java] cvvt/apptroy An Online Analysis System for Packed Android Malware
  • [89Star][2y] [ObjC] wooyundota/dumpdex Android Unpack tool based on Cydia
  • [68Star][5y] [Py] ajinabraham/xenotix-apk-reverser Xenotix APK Reverser is an OpenSource Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core.
  • [30Star][8m] [Java] cristianturetta/mad-spy We developed a malware for educational purposes. In particular, our goal is to provide a PoC of what is known as a Repacking attack, a known technique widely used by malware cybercrooks to trojanize android apps. The answer to solve this particular goal boils down in the simplicity of APK decompiling and smali code injection.
  • [22Star][13d] [Py] botherder/snoopdroid Extract packages from an Android device
  • [10Star][2y] [Shell] nickdiego/docker-ollvm Easily build and package Obfuscator-LLVM into Android NDK.

HOOK

Emulator

  • [1492Star][1y] [C++] f1xpl/openauto AndroidAuto headunit emulator
  • [532Star][7m] [Java] limboemu/limbo Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
  • [471Star][3m] [Java] strazzere/anti-emulator Android Anti-Emulator
  • [428Star][2y] [Py] evilsocket/smali_emulator This software will emulate a smali source file generated by apktool.
  • [202Star][3y] [Py] mseclab/nathan Android Emulator for mobile security testing
  • [168Star][12m] [Py] mnkgrover08-zz/whatsapp_automation Whatsapp Automation is a collection of APIs that interact with WhatsApp messenger running in an Android emulator, allowing developers to build projects that automate sending and receiving messages, adding new contacts and broadcasting messages multiple contacts.
  • [148Star][5y] [C] strazzere/android-lkms Android Loadable Kernel Modules - mostly used for reversing and debugging on controlled systems/emulators
  • [27Star][2y] [Shell] gustavosotnas/avd-launcher Front-end to Android Virtual Devices (AVDs) emulator from Google.
  • [16Star][1y] [Py] abhi-r3v0/droxes A simple script to turn an Android device/emulator into a test-ready box.

IDA

Debug

  • [10794Star][1m] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
  • [6762Star][10m] [Java] amitshekhariitbhu/android-debug-database A library for debugging android databases and shared preferences - Make Debugging Great Again
  • [527Star][5y] [Py] swdunlop/andbug Android Debugging Library
  • [468Star][7y] [Shell] kosborn/p2p-adb Phone to Phone Android Debug Bridge - A project for "debugging" phones... from other phones.
  • [123Star][3y] [C++] cheetahsec/avmdbg a lightweight debugger for android virtual machine.
  • [106Star][6y] [Java] isecpartners/android-opendebug Make any application debuggable
  • [98Star][4y] [Py] cx9527/strongdb gdb plugin for android debugging
  • [65Star][6y] [Py] anbc/andbug Android Debugging Library
  • [57Star][3y] [C] gnaixx/anti-debug Android detect debugger
  • [56Star][5m] [Shell] wuseman/wbruter Crack your non-rooted android device pin code with 100% guarantee aslong as usb debugging has been enable. Wbruter also has support for parallel ssh brute forcing via pssh
  • [22Star][1y] [C++] gtoad/android_anti_debug An example of android anti-debug.

Malware

Obfuscate

Reverse Engineering

Posts&&Videos

Apple&&iOS&&iXxx

Mach-O

Tools

  • [2540Star][10m] [ObjC] nygard/class-dump Generate Objective-C headers from Mach-O files.
  • [2389Star][2y] [Py] secretsquirrel/the-backdoor-factory Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)
  • [2140Star][2m] [Py] jonathansalwan/ropgadget This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
  • [1471Star][3y] [ObjC] polidea/ios-class-guard Simple Objective-C obfuscator for Mach-O executables.
  • [856Star][3y] [C++] 0vercl0k/rp rp++ is a full-cpp written tool that aims to find ROP sequences in PE/Elf/Mach-O x86/x64 binaries. It is open-source and has been tested on several OS: Debian / Windows 8.1 / Mac OSX Lion (10.7.3). Moreover, it is x64 compatible and supports Intel syntax. Standalone executables can also be directly downloaded.
  • [399Star][2m] [Logos] limneos/classdump-dyld Class-dump any Mach-o file without extracting it from dyld_shared_cache
  • [331Star][3y] [C] steakknife/unsign Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)
  • [269Star][5y] [C] conradev/dumpdecrypted Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
  • [265Star][8m] [ObjC] devaukz/macho-kit A C/Objective-C library for parsing Mach-O files.
  • [238Star][3y] aidansteele/osx-abi-macho-file-format-reference Mirror of OS X ABI Mach-O File Format Reference
  • [197Star][2y] [ObjC] alonemonkey/dumpdecrypted Dumps decrypted mach-o files from encrypted applications、framework or app extensions.
  • [178Star][4m] [ObjC] yulingtianxia/apporderfiles The easiest way to generate order files for Mach-O using Clang. Improving App Performance.
  • [150Star][2y] [C] alexdenisov/bitcode_retriever Retrieves Bitcode from Mach-O binaries
  • [148Star][14d] [Rust] m4b/faerie Magical ELF and Mach-o object file writer backend
  • [137Star][2y] [ObjC] bluecocoa/class-dump Generate Objective-C headers from Mach-O files.
  • [124Star][8m] [Swift] devaukz/macho-explorer A graphical Mach-O viewer for macOS. Powered by Mach-O Kit.
  • [105Star][2y] [C++] tyilo/macho_edit Command line utility for modifying Mach-O binaries in various ways.
  • [100Star][4y] [Py] jonathansalwan/abf Abstract Binary Format Manipulation - ELF, PE and Mach-O format
  • [62Star][7y] [C] gdbinit/osx_boubou A PoC Mach-O infector via library injection
  • [48Star][5m] [ObjC] dcsch/macho-browser Mac browser for Mach-O binaries (macOS, iOS, watchOS, and tvOS)
  • [39Star][5y] [C] x43x61x69/codeunsign A Mach-O binary codesign remover.
  • [35Star][3y] [Py] airbus-seclab/elfesteem ELF/PE/Mach-O parsing library
  • [31Star][1m] [Rust] flier/rust-macho Mach-O File Format Parser for Rust
  • [20Star][3y] [Py] njsmith/machomachomangler Tools for mangling Mach-O and PE binaries
  • [20Star][11m] [C] geosn0w/machdump A very basic C Mach-O Header Dump tool written for practicing purposes. Works With x86 and x86_64 binaries
  • [17Star][4m] [JS] indutny/macho Mach-O parser for node.js
  • [11Star][7y] [C] gdbinit/calcspace Small util to calculate available free space in mach-o binaries for code injection
  • [10Star][4y] [OCaml] m4b/bin2json Converts ELF, mach-o, or PE binaries to a JSON representation

Post

JailBreak

Tools

Post

LLDB

Tools

  • [8031Star][3m] [Py] facebook/chisel Chisel is a collection of LLDB commands to assist debugging iOS apps.
  • [784Star][3m] [C++] nodejs/llnode An lldb plugin for Node.js and V8, which enables inspection of JavaScript states for insights into Node.js processes and their core dumps.
  • [636Star][2m] [C++] apple/swift-lldb This is the version of LLDB that supports the Swift programming language & REPL.
  • [492Star][28d] [Rust] vadimcn/vscode-lldb A native debugger extension for VSCode based on LLDB
  • [388Star][2m] [C++] llvm-mirror/lldb Mirror of official lldb git repository located at
  • [242Star][5y] [C++] meeloo/xspray A front end for lldb on OS X for Mac and iOS targets, with a twist
  • [198Star][2y] proteas/native-lldb-for-ios native LLDB(v3.8) for iOS
  • [25Star][3y] [Py] bnagy/francis LLDB engine based tool to instrument OSX apps and triage crashes
  • [20Star][3y] [Py] critiqjo/lldb.nvim This repository was moved to
  • [16Star][2m] [Py] malor/cpython-lldb LLDB script for debugging of CPython processes
  • [12Star][3y] [C++] indutny/llnode Node.js C++ lldb plugin

Post

XCode

Tools

  • [6203Star][3m] [ObjC] johnno1962/injectionforxcode Runtime Code Injection for Objective-C & Swift
  • [2057Star][19d] [ObjC] ios-control/ios-deploy Install and debug iPhone apps from the command line, without using Xcode
  • [1606Star][2m] [Swift] indragiek/inappviewdebugger A UIView debugger (like Reveal or Xcode) that can be embedded in an app for on-device view debugging
  • [1409Star][1m] [Swift] johnno1962/injectioniii Re-write of Injection for Xcode in (mostly) Swift4
  • [572Star][1m] [ObjC] hdb-li/lldebugtool LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
  • [497Star][7y] [C] ghughes/fruitstrap Install and debug iPhone apps from the command line, without using Xcode
  • [384Star][3m] [JS] johnno1962/xprobeplugin Live Memory Browser for Apps & Xcode
  • [179Star][4y] [ObjC] x43x61x69/otx The Mach-O disassembler. Now 64bit and Xcode 6 compatible.
  • [135Star][1y] [Swift] danleechina/mixplaintext 可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆,提高逆向分析难度。
  • [135Star][1y] [Shell] onmyway133/swiftsnippets A collection of Swift snippets to be used in Xcode
  • [48Star][2y] [C++] tonyzesto/pubgprivxcode85 Player ESP 3D Box ESP Nametag ESP Lightweight Code Secure Injection Dedicated Cheat Launcher Secured Against Battleye Chicken Dinner Every Day. Win more matches than ever before with CheatAutomation’s Playerunknown’s Battlegrounds cheat! Our stripped down, ESP only cheat gives you the key features you need to take out your opponents and be eatin…
  • [45Star][7m] [Swift] git-kevinchuang/potatso-swift5 Potatso compiled with swift5 xcode 10.2.1 mojave 10.14.5
  • [44Star][3y] [Shell] vtky/resign XCode Project to resign .ipa files
  • [28Star][1m] [Swift] hdb-li/lldebugtoolswift LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
  • [28Star][2y] [Swift] jeanshuang/potatso 适配Xcode9.3 iOS11.3 Swift3.3编译通过。 (unmaintained) Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework in iOS 9.
  • [24Star][12m] [Swift] shoheiyokoyama/lldb-debugging The LLDB Debugging in C, Swift, Objective-C, Python and Xcode
  • [17Star][2y] maxfong/obfuscatorxcplugin 逻辑混淆XCode插件
  • [1Star][2y] [Swift] wdg/webshell-builder A WebShell application builder (no use of Xcode)

Post

Tools

Recent Add

  • [11025Star][2y] [ObjC] bang590/jspatch JSPatch bridge Objective-C and Javascript using the Objective-C runtime. You can call any Objective-C class and method in JavaScript by just including a small engine. JSPatch is generally used to hotfix iOS App.
  • [10966Star][10d] [ObjC] flipboard/flex An in-app debugging and exploration tool for iOS
  • [5775Star][4m] [ObjC] square/ponydebugger Remote network and data debugging for your native iOS app using Chrome Developer Tools
  • [4663Star][1m] [C] google/ios-webkit-debug-proxy A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
  • [4397Star][12d] [Swift] signalapp/signal-ios A private messenger for iOS.
  • [3686Star][4m] [C] facebook/fishhook A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
  • [3414Star][2m] icodesign/potatso Potatso is an iOS client that implements different proxies with the leverage of NetworkExtension framework in iOS 10+.
  • [3327Star][3m] [Swift] yagiz/bagel a little native network debugging tool for iOS
  • [3071Star][10m] [JS] jipegit/osxauditor OS X Auditor is a free Mac OS X computer forensics tool
  • [2867Star][12d] [ObjC] facebook/idb idb is a flexible command line interface for automating iOS simulators and devices
  • [2795Star][24d] [Swift] kasketis/netfox A lightweight, one line setup, iOS / OSX network debugging library!
  • [2753Star][1m] [Makefile] theos/theos A cross-platform suite of tools for building and deploying software for iOS and other platforms.
  • [2733Star][26d] [ObjC] dantheman827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
  • [2708Star][2m] [ObjC] kjcracks/clutch Fast iOS executable dumper
  • [2345Star][6y] [C] stefanesser/dumpdecrypted Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
  • [1801Star][1y] aozhimin/ios-monitor-platform
  • [1774Star][3y] [ObjC] tapwork/heapinspector-for-ios Find memory issues & leaks in your iOS app without instruments
  • [1695Star][6m] [Py] yelp/osxcollector A forensic evidence collection & analysis toolkit for OS X
  • [1683Star][2m] [Swift] pmusolino/wormholy iOS network debugging, like a wizard 🧙‍♂️
  • [1642Star][7m] [Objective-C++] tencent/oomdetector OOMDetector is a memory monitoring component for iOS which provides you with OOM monitoring, memory allocation monitoring, memory leak detection and other functions.
  • [1630Star][1m] ivrodriguezca/re-ios-apps A completely free, open source and online course about Reverse Engineering iOS Applications.
  • [1444Star][5y] [C++] gdbinit/machoview MachOView fork
  • [1442Star][28d] [ObjC] nabla-c0d3/ssl-kill-switch2 Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
  • [1299Star][6m] [JS] feross/spoof Easily spoof your MAC address in macOS, Windows, & Linux!
  • [1291Star][1m] [JS] icymind/vrouter 一个基于 VirtualBox 和 openwrt 构建的项目, 旨在实现 macOS / Windows 平台的透明代理.
  • [1253Star][2m] [Vue] chaitin/passionfruit [WIP] Crappy iOS app analyzer
  • [1252Star][17d] michalmalik/osx-re-101 A collection of resources for OSX/iOS reverse engineering.
  • [1240Star][2y] [ObjC] krausefx/detect.location An easy way to access the user's iOS location data without actually having access
  • [1239Star][8d] [C] datatheorem/trustkit Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
  • [1215Star][16d] [YARA] horsicq/detect-it-easy Program for determining types of files for Windows, Linux and MacOS.
  • [1199Star][6y] gdbinit/gdbinit Gdbinit for OS X, iOS and others - x86, x86_64 and ARM
  • [1174Star][5y] [Py] hackappcom/ibrute AppleID bruteforce p0c
  • [1113Star][1y] [ObjC] neoneggplant/eggshell iOS/macOS/Linux Remote Administration Tool
  • [1026Star][2y] [ObjC] zhengmin1989/ios_ice_and_fire iOS冰与火之歌
  • [1001Star][2m] [ObjC] lmirosevic/gbdeviceinfo Detects the hardware, software and display of the current iOS or Mac OS X device at runtime.
  • [985Star][1y] [Py] fsecurelabs/needle The iOS Security Testing Framework
  • [975Star][3y] [Py] synack/knockknock displays persistent items (scripts, commands, binaries, etc.), that are set to execute automatically on OS X
  • [936Star][3y] [C] tyilo/insert_dylib Command line utility for inserting a dylib load command into a Mach-O binary
  • [907Star][4m] [ObjC] ptoomey3/keychain-dumper A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
  • [866Star][16d] [ObjC] meitu/mthawkeye Profiling / Debugging assist tools for iOS. (Memory Leak, OOM, ANR, Hard Stalling, Network, OpenGL, Time Profile ...)
  • [857Star][3y] [Py] hubert3/isniff-gps Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices
  • [847Star][2y] [Shell] kpwn/iosre iOS Reverse Engineering
  • [840Star][9d] [JS] cypress-io/cypress-example-recipes Various recipes for testing common scenarios with Cypress
  • [812Star][5y] [ObjC] isecpartners/ios-ssl-kill-switch Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS Apps
  • [807Star][2y] [Ruby] dmayer/idb simplify some common tasks for iOS pentesting and research
  • [796Star][13d] [Shell] aqzt/kjyw 快捷运维,代号kjyw,项目基于shell、python,运维脚本工具库,收集各类运维常用工具脚本,实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
  • [782Star][3y] [Go] summitroute/osxlockdown [No longer maintained] Apple OS X tool to audit for, and remediate, security configuration settings.
  • [745Star][5y] [ObjC] kjcracks/yololib dylib injector for mach-o binaries
  • [662Star][1y] [Py] deepzec/bad-pdf create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines
  • [653Star][3y] [C] rentzsch/mach_inject interprocess code injection for Mac OS X
  • [651Star][9m] [ObjC] chenxiancai/stcobfuscator iOS全局自动化 代码混淆 工具!支持cocoapod组件代码一并 混淆,完美避开hardcode方法、静态库方法和系统库方法!
  • [649Star][3y] [ObjC] isecpartners/introspy-ios Security profiling for blackbox iOS
  • [636Star][1y] [Swift] phynet/ios-url-schemes a github solution from my gist of iOS list for urls schemes
  • [621Star][5y] [PHP] pr0x13/idict iCloud Apple iD BruteForcer
  • [616Star][3y] [ObjC] macmade/keychaincracker macOS keychain cracking tool
  • [604Star][2m] siguza/ios-resources Useful resources for iOS hacking
  • [583Star][3y] [C++] tobefuturer/app2dylib A reverse engineering tool to convert iOS app to dylib
  • [558Star][3y] advanced-threat-research/firmware-security-training materials for a hands-on training Security of BIOS/UEFI System Firmware from Attacker and Defender Perspectives
  • [530Star][3y] [ObjC] herzmut/shadowsocks-ios Fork of shadowsocks/shadowsocks-iOS
  • [526Star][4y] [Py] hackappcom/iloot OpenSource tool for iCloud backup extraction
  • [522Star][2y] [Shell] seemoo-lab/mobisys2018_nexmon_software_defined_radio Proof of concept project for operating Broadcom Wi-Fi chips as arbitrary signal transmitters similar to software-defined radios (SDRs)
  • [517Star][3y] [ObjC] pjebs/obfuscator-ios Secure your app by obfuscating all the hard-coded security-sensitive strings.
  • [517Star][5y] [Py] project-imas/mdm-server Sample iOS MDM server
  • [500Star][27d] [Swift] google/science-journal-ios Use the sensors in your mobile devices to perform science experiments. Science doesn’t just happen in the classroom or lab—tools like Science Journal let you see how the world works with just your phone.
  • [482Star][1y] [Swift] icepa/icepa iOS system-wide VPN based Tor client
  • [478Star][15d] pixelcyber/thor HTTP Sniffer/Capture on iOS for Network Debug & Inspect.
  • [471Star][8m] [C++] everettjf/machoexplorer [WIP] Explore MachO File on macOS and Windows
  • [462Star][15d] [Java] dsheirer/sdrtrunk A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:
  • [432Star][7y] [C] juuso/keychaindump A proof-of-concept tool for reading OS X keychain passwords
  • [430Star][11m] captainarash/the_holy_book_of_x86 A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS....
  • [419Star][4y] [ObjC] asido/systemmonitor iOS application providing you all information about your device - hardware, operating system, processor, memory, GPU, network interface, storage and battery, including OpenGL powered visual representation in real time.
  • [406Star][5y] [ObjC] mp0w/ios-headers iOS 5.0/5.1/6.0/6.1/7.0/7.1/8.0/8.1 Headers of All Frameworks (private and not) + SpringBoard
  • [396Star][4m] ansjdnakjdnajkd/ios Most usable tools for iOS penetration testing
  • [393Star][2y] r0ysue/osg-translationteam 看雪iOS安全小组的翻译团队作品集合,如有勘误,欢迎斧正!
  • [382Star][11m] [C] coolstar/electra1131 Electra for iOS 11.0 - 11.3.1
  • [375Star][2y] [C++] alonemonkey/iosrebook 《iOS应用逆向与安全》随书源码
  • [375Star][29d] [Swift] justeat/justlog JustLog brings logging on iOS to the next level. It supports console, file and remote Logstash logging via TCP socket with no effort. Support for logz.io available.
  • [374Star][2y] [C++] breenmachine/rottenpotatong New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools.
  • [371Star][18d] [Shell] matthewpierson/1033-ota-downgrader First ever tool to downgrade ANY iPhone 5s, ANY iPad Air and (almost any) iPad Mini 2 to 10.3.3 with OTA blobs + checkm8!
  • [349Star][19d] [C] jedisct1/swift-sodium Safe and easy to use crypto for iOS and macOS
  • [346Star][4m] [TS] bacher09/pwgen-for-bios Password generator for BIOS
  • [340Star][3m] [C] trailofbits/cb-multios DARPA Challenges Sets for Linux, Windows, and macOS
  • [332Star][3y] [Logos] bishopfox/ispy A reverse engineering framework for iOS
  • [322Star][2m] [ObjC] auth0/simplekeychain A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
  • [310Star][28d] [Swift] securing/iossecuritysuite iOS platform security & anti-tampering Swift library
  • [298Star][2y] krausefx/steal.password Easily get the user's Apple ID password, just by asking
  • [292Star][8y] [ObjC] nst/spyphone This project shows the kind of data a rogue iPhone application can collect.
  • [287Star][1y] [Py] manwhoami/mmetokendecrypt Decrypts and extracts iCloud and MMe authorization tokens on Apple macOS / OS X. No user authentication needed. 🏅🌩
  • [283Star][2y] [Swift] krausefx/watch.user Every iOS app you ever gave permission to use your camera can record you any time it runs - without notice
  • [263Star][14d] [ObjC] strongbox-password-safe/strongbox A KeePass/Password Safe Client for iOS and OS X
  • [247Star][1m] [C++] s0uthwest/futurerestore iOS upgrade and downgrade tool utilizing SHSH blobs
  • [244Star][7m] [JS] we11cheng/wcshadowrocket iOS Shadowrocket(砸壳重签,仅供参考,添加节点存在问题)。另一个fq项目potatso源码参见:
  • [241Star][2y] [C] limneos/mobileminer CPU Miner for ARM64 iOS Devices
  • [239Star][1y] [ObjC] lmirosevic/gbping Highly accurate ICMP Ping controller for iOS
  • [238Star][4m] [Swift] shadowsocksr-live/ishadowsocksr ShadowsocksR for iOS, come from
  • [229Star][3y] [Swift] trailofbits/secureenclavecrypto Demonstration library for using the Secure Enclave on iOS
  • [223Star][12m] [AppleScript] lifepillar/csvkeychain Import/export between Apple Keychain.app and plain CSV file.
  • [219Star][6m] [ObjC] rickyzhang82/tethering Proxy and DNS Server on iOS
  • [213Star][8m] [C] owasp/igoat OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar
  • [211Star][13d] [TS] bevry/getmac Get the mac address of the current machine you are on via Node.js
  • [210Star][2y] [C] cheesecakeufo/saigon iOS 10.2.1 - Discontinued version
  • [203Star][5m] [Py] googleprojectzero/ios-messaging-tools several tools Project Zero uses to test iPhone messaging
  • [200Star][6m] [PS] mkellerman/invoke-commandas Invoke Command As System/Interactive/GMSA/User on Local/Remote machine & returns PSObjects.
  • [199Star][1m] [ObjC] everettjf/yolo Scripts or demo projects on iOS development or reverse engineering
  • [198Star][27d] [Swift] auth0/lock.swift A Swift & iOS framework to authenticate using Auth0 and with a Native Look & Feel
  • [195Star][2m] [Logos] creantan/lookinloader Lookin - iOS UI Debugging Tweak LookinLoader,Compatible with iOS 8~13
  • [190Star][13d] [Py] ydkhatri/mac_apt macOS Artifact Parsing Tool
  • [182Star][1m] [JS] nowsecure/node-applesign NodeJS module and commandline utility for re-signing iOS applications (IPA files).
  • [181Star][4y] [ObjC] iosre/hippocamphairsalon A simple universal memory editor (game trainer) on OSX/iOS
  • [181Star][12m] zekesnider/nintendoswitchrestapi Reverse engineered REST API used in the Nintendo Switch app for iOS. Includes documentation on Splatoon 2's API.
  • [180Star][4m] [Py] anssi-fr/secuml Machine Learning for Computer Security
  • [180Star][8m] [Java] yubico/ykneo-openpgp OpenPGP applet for the YubiKey NEO
  • [174Star][1y] [ObjC] macmade/filevaultcracker macOS FileVault cracking tool
  • [172Star][23d] [C++] samyk/frisky Instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS and macOS
  • [171Star][2y] [Py] 3gstudent/worse-pdf Turn a normal PDF file into malicious.Use to steal Net-NTLM Hashes from windows machines.
  • [171Star][10m] [Shell] trustedsec/hardcidr hardCIDR is a Linux Bash script, but also functions under macOS. Your mileage may vary on other distros. The script with no specified options will query ARIN and a pool of BGP route servers. The route server is selected at random at runtime.
  • [169Star][7m] [C] octomagon/davegrohl A Password Cracker for macOS
  • [166Star][8m] proteas/unstripped-ios-kernels Unstripped iOS Kernels
  • [165Star][2y] [C++] google/pawn 从基于 Intel 的工作站和笔记本电脑中提取 BIOS 固件
  • [165Star][16d] [Swift] ryasnoy/applocker AppLocker - simple lock screen for iOS Application ( Swift 4+, iOS 9.0+) Touch ID / Face ID
  • [163Star][6y] [C] gdbinit/readmem A small OS X/iOS userland util to dump processes memory
  • [163Star][9m] [C] tboox/itrace Trace objc method call for ios and mac
  • [162Star][2y] [C++] encounter/futurerestore (unmaintained) iOS upgrade and downgrade tool utilizing SHSH blobs (unofficial fork supporting iOS 11 and newer devices)
  • [159Star][2m] smilezxlee/crackediosapps iOS端破解版App集合,包含破解版QQ、破解版抖音、破解版百度网盘、破解版麻花、钉钉打卡助手、破解版墨墨背单词、破解版网易云音乐、破解版芒果TV
  • [157Star][20d] mac4n6/presentations Presentation Archives for my macOS and iOS Related Research
  • [152Star][7y] [Py] intrepidusgroup/imdmtools Intrepidus Group's iOS MDM tools
  • [147Star][3y] [Py] biosbits/bits BIOS Implementation Test Suite
  • [145Star][2y] [Shell] depoon/iosdylibinjectiondemo Using this Repository to demo how to inject dynamic libraries into cracked ipa files for jailed iOS devices
  • [144Star][10m] [Py] dlcowen/fseventsparser Parser for OSX/iOS FSEvents Logs
  • [144Star][4y] [ObjC] etsy/bughunt-ios
  • [143Star][2y] [C] rodionovd/liblorgnette Interprocess dlsym() for OS X & iOS
  • [140Star][4m] [Go] greenboxal/dns-heaven 通过/etc/resolv.conf 启用本地 DNS stack 来修复(愚蠢的) macOS DNS stack
  • [139Star][3y] [Py] google/tcp_killer 关闭 Linux或 MacOS 的 Tcp 端口
  • [139Star][8m] [C++] macmade/dyld_cache_extract A macOS utility to extract dynamic libraries from the dyld_shared_cache of macOS and iOS.
  • [130Star][4m] [Py] apperian/ios-checkipa Scans an IPA file and parses its Info.plist and embedded.mobileprovision files. Performs checks of expected key/value relationships and displays the results.
  • [129Star][4y] [Go] benjojo/dos_ssh Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
  • [129Star][2m] [Py] stratosphereips/stratospherelinuxips an intrusion prevention system that is based on behavioral detections and machine learning algorithms
  • [128Star][2y] [Py] unfetter-discover/unfetter-analytic a framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine (Windows 7) and performing CAR analytics to detect potential adversary activity
  • [126Star][3m] [Py] platomav/biosutilities Various BIOS Utilities for Modding/Research
  • [126Star][4y] [Py] sektioneins/sandbox_toolkit Toolkit for binary iOS / OS X sandbox profiles
  • [125Star][16d] [C] projecthorus/radiosonde_auto_rx Automatically Track Radiosonde Launches using RTLSDR
  • [125Star][3y] [JS] vtky/swizzler2 Swizzler2 - Hacking iOS applications
  • [121Star][2y] [Swift] lxdcn/nepackettunnelvpndemo iOS VPN client implementation demo based on iOS9 NetworkExtension NETunnelProvider APIs
  • [119Star][1y] [Py] winheapexplorer/winheap-explorer heap-based bugs detection in x86 machine code for Windows applications.
  • [113Star][3y] [Objective-C++] yonsm/ipafine iOS IPA package refine and resign
  • [111Star][5m] [C++] danielcardeenas/audiostego Audio file steganography. Hides files or text inside audio files and retrieve them automatically
  • [110Star][8m] [C] siguza/imobax iOS Mobile Backup Extractor
  • [106Star][7y] intrepidusgroup/trustme Disable certificate trust checks on iOS devices.
  • [99Star][2y] antid0tecom/ios-kerneldocs Various files helping to better understand the iOS / WatchOS / tvOS kernels
  • [98Star][2y] [Py] google/legilimency A Memory Research Platform for iOS
  • [96Star][7m] [Swift] depoon/networkinterceptor iOS URLRequest interception framework
  • [96Star][2y] [Swift] liruqi/mume-ios an iOS client that implements custom proxies with the leverage of Network Extension framework introduced by Apple since iOS 9
  • [95Star][2y] [ObjC] xslim/mobiledevicemanager Manage iOS devices through iTunes lib
  • [93Star][1y] [Jupyter Notebook] positivetechnologies/seq2seq-web-attack-detection The implementation of the Seq2Seq model for web attack detection. The Seq2Seq model is usually used in Neural Machine Translation. The main goal of this project is to demonstrate the relevance of the NLP approach for web security.
  • [90Star][2y] [PS] netbiosx/digital-signature-hijack Binaries, PowerShell scripts and information about Digital Signature Hijacking.
  • [90Star][5y] [ObjC] project-imas/app-password Custom iOS user authentication mechanism (password with security questions for self reset)
  • [85Star][4y] [Swift] deniskr/keychainswiftapi This Keychain Swift API library is a wrapper of iOS C Keychain Framework. It allows easily and securely storing sensitive data in secure keychain store.
  • [85Star][2y] [ObjC] siguza/phoenixnonce 64-bit nonce setter for iOS 9.3.4-9.3.5
  • [84Star][8m] [Py] aaronst/macholibre Mach-O & Universal Binary Parser
  • [83Star][10m] [Shell] trailofbits/ios-integrity-validator Integrity validator for iOS devices
  • [79Star][1y] [Swift] aidevjoe/sandboxbrowser A simple iOS sandbox file browser, you can share files through AirDrop
  • [79Star][4y] mi3security/su-a-cyder Home-Brewed iOS Malware PoC Generator (BlackHat ASIA 2016)
  • [79Star][6y] [C] peterfillmore/removepie removePIE changes the MH_PIE flag of the MACH-O header on iOS applications to disable ASLR on applications
  • [78Star][1y] [Shell] iaik/ios-analysis Automated Binary Analysis on iOS
  • [77Star][2y] [ObjC] cocoahuke/ioskextdump Dump Kext information from iOS kernel cache. Applicable to the kernel which dump from memory
  • [75Star][7m] [Py] tribler/dispersy The elastic database system. A database designed for P2P-like scenarios, where potentially millions of computers send database updates around.
  • [74Star][29d] [C] certificate-helper/tls-inspector Easily view and inspect X.509 certificates on your iOS device.
  • [72Star][4m] [C++] macmade/unicorn-bios Basic BIOS emulator for Unicorn Engine.
  • [72Star][6y] [Py] piccimario/iphone-backup-analyzer-2 iPBA, Qt version
  • [72Star][3y] [C++] razzile/liberation A runtime patching library for iOS. Major rework on unfinished branch
  • [72Star][30d] [Py] ehco1996/aioshadowsocks 用 asyncio 重写 shadowsocks ~
  • [69Star][3m] [C] brandonplank/rootlessjb4 rootlessJB that supports iOS 12.0 - 12.2 & 12.4
  • [67Star][22d] [Py] guardianfirewall/grandmaster A simplistic python tool that assists in automating iOS firmware decryption.
  • [65Star][4y] zhengmin1989/ios-10-decrypted-kernel-cache iOS 10 Decrypted Kernel Cache
  • [65Star][5y] [ObjC] project-imas/memory-security Tools for securely clearing and validating iOS application memory
  • [63Star][2y] josephlhall/dc25-votingvillage-report A report to synthesize findings from the Defcon 25 Voting Machine Hacking Village
  • [62Star][8m] [C] luoyanbei/testhookzz iOS逆向:使用HookZz框架hook游戏“我的战争”,进入上帝模式
  • [62Star][5m] [C++] meitu/mtgldebug An OpenGL debugging tool for iOS.
  • [61Star][9y] [C] chronic-dev/bootrom-dumper Utility to Dump iPhone Bootrom
  • [61Star][6m] [PS] texhex/biossledgehammer Automated BIOS, ME, TPM firmware update and BIOS settings for HP devices
  • [61Star][11m] [ObjC] tihmstar/v3ntex getf tfp0 on iOS 12.0 - 12.1.2
  • [60Star][4y] shadowsocks/tun2socks-ios tun2socks as a library for iOS apps
  • [58Star][7m] [Perl] dnsmichi/manubulon-snmp Set of Icinga/Nagios plugins to check hosts and hardware wi the SNMP protocol.
  • [58Star][4y] [HTML] nccgroup/iodide The Cisco IOS Debugger and Integrated Disassembler Environment
  • [58Star][2y] [Shell] tanprathan/fridpa An automated wrapper script for patching iOS applications (IPA files) and work on non-jailbroken device
  • [57Star][ObjC] jrock007/tob Free, open-source and ad-less Tor web browser for iOS
  • [56Star][11m] [ObjC] geosn0w/chaos Chaos iOS < 12.1.2 PoC by
  • [55Star][2y] jkpang/timliu-ios iOS开发常用三方库、插件、知名博客等等
  • [55Star][3y] [C++] s-kanev/xiosim A detailed michroarchitectural x86 simulator
  • [55Star][3y] [C] synack/chaoticmarch A mechanism for automating input events on iOS
  • [52Star][1y] [C] bazad/threadexec A library to execute code in the context of other processes on iOS 11.
  • [52Star][2y] rehints/blackhat_2017 Betraying the BIOS: Where the Guardians of the BIOS are Failing
  • [52Star][10m] [Logos] zhaochengxiang/ioswechatfakelocation A tweak that can fake location info in WeChat
  • [51Star][3y] [HTML] pwnsdx/ios-uri-schemes-abuse-poc A set of URI schemes bugs that lead Safari to crash/freeze.
  • [49Star][1y] [Swift] sherlouk/swiftprovisioningprofile Parse iOS mobile provisioning files into Swift models
  • [48Star][2y] [Shell] leanvel/iinject Tool to automate the process of embedding dynamic libraries into iOS applications from GNU/Linux
  • [48Star][7m] [ObjC] smilezxlee/zxhookutil 【iOS逆向】Tweak工具函数集,基于theos、monkeyDev
  • [47Star][2m] [ObjC] ooni/probe-ios OONI Probe iOS
  • [47Star][4y] [Py] ostorlab/jniostorlab JNI method enumeration in ELF files
  • [47Star][3m] [ObjC] smilezxlee/zxrequestblock 一句话实现iOS应用底层所有网络请求拦截(如ajax请求拦截),包含http-dns解决方法,有效防止DNS劫持,用于分析http,https请求,禁用/允许代理,防抓包等
  • [47Star][2m] the-blockchain-bible/readme The Blockchain Bible,a collections for blockchain tech,bitcoin,ethereum,crypto currencies,cryptography,decentralized solutions,business scenarios,hyperledger tech,meetups,区块链,数字货币,加密货币,比特币,以太坊,密码学,去中心化,超级账本
  • [47Star][5y] [PHP] cloudsec/aioshell A php webshell run under linux based webservers. v0.05
  • [46Star][2y] [C] encounter/tsschecker Check TSS signing status of iOS firmwares and save SHSH blobs
  • [46Star][2y] uefitech/resources One-stop shop for UEFI/BIOS specifications/utilities by UEFI.Tech community
  • [46Star][1y] [Go] unixpickle/cve-2018-4407 Crash macOS and iOS devices with one packet
  • [44Star][4y] [C] samdmarshall/machodiff mach-o diffing tool
  • [43Star][5y] [Shell] netspi/heapdump-ios Dump IOS application heap space from memory
  • [42Star][1m] [ObjC] dineshshetty/ios-sandbox-dumper SandBox-Dumper makes use of multiple private libraries to provide exact locations of the application sandbox, application bundle and some other interesting information
  • [42Star][2y] [Py] klsecservices/ios_mips_gdb Cisco MIPS debugger
  • [40Star][15d] [Swift] fonta1n3/fullynoded A Bitcoin Core GUI for iOS devices. Allows you to connect to and control multiple nodes via Tor
  • [39Star][3y] [Logos] ahmadhashemi/immortal Prevent expiration of signed iOS applications & bypass 3 free signed applications per device limit
  • [39Star][4m] [Py] gh2o/rvi_capture rvictl for Linux and Windows: capture packets sent/received by iOS devices
  • [39Star][4y] [Pascal] senjaxus/delphi_remote_access_pc Remote access in Delphi 7 and Delphi XE5 (With sharer files, CHAT and Forms Inheritance) || Acesso Remoto em Delphi 7 e Delphi XE5 (Com Compartilhador de Arquivos, CHAT e Herança de Formulários)
  • [39Star][27d] [Shell] userlandkernel/plataoplomo Collection of (at time of release) iOS bugs I found
  • [39Star][3m] [Py] meituan-dianping/lyrebird-ios 本程序是Lyrebird插件,您可以在插件中快速查看已连接iOS设备的详细设备信息,截取屏幕快照,以及查看已连接设备的应用信息。
  • [38Star][4y] [C] taichisocks/shadowsocks Lightweight shadowsocks client for iOS and Mac OSX base on shadowsocks-libev
  • [38Star][1y] [ObjC] xmartlabs/metalperformanceshadersproxy A proxy for MetalPerformanceShaders which takes to a stub on a simulator and to the real implementation on iOS devices.
  • [37Star][4m] [Ruby] appspector/ios-sdk AppSpector is a debugging service for mobile apps
  • [36Star][4y] [Objective-C++] cyhe/iossecurity-attack APP安全(逆向攻击篇)
  • [36Star][3y] [PS] machosec/mystique PowerShell module to play with Kerberos S4U extensions
  • [35Star][4y] [Py] curehsu/ez-wave Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios.
  • [35Star][1y] [Swift] vixentael/zka-example Zero Knowledge Application example, iOS, notes sharing, Firebase backend
  • [33Star][3y] [ObjC] integrity-sa/introspy-ios Security profiling for blackbox iOS
  • [33Star][7y] [C] mubix/fakenetbios See here:
  • [33Star][10m] [Swift] vixentael/ios-datasec-basics iOS data security basics: key management, workshop for iOS Con UK
  • [33Star][2m] [ObjC] proteas/ios13-sandbox-profile-format Binary Format of iOS 13 Sandbox Profile Collection
  • [31Star][3y] [Py] as0ler/r2clutch r2-based tool to decrypt iOS applications
  • [31Star][3y] [Assembly] gyje/bios_rootkit 来自Freebuf评论区,一个UEFI马.
  • [31Star][2y] proappleos/upgrade-from-10.3.x-to-ios-11.1.2-on-any-64bit-device-with-blobs How to Upgrade any 64Bit Device from 10.3.x to 11.1.2 with Blobs
  • [30Star][3y] [ObjC] mtigas/iobfs Building obfs4proxy for Tor-enabled iOS apps.
  • [30Star][2y] [Shell] pnptutorials/pnp-portablehackingmachine This script will convert your Raspberry Pi 3 into a portable hacking machine.
  • [30Star][8y] [Py] hubert3/isniff SSL man-in-the-middle tool targeting iOS devices < 4.3.5
  • [29Star][12m] [Py] antid0tecom/ipad_accessory_research Research into Security of Apple Smart Keyboard and Apple Pencil
  • [29Star][4y] [ObjC] quellish/facebook-ios-internal-headers Headers generated by reverse engineering the Facebook iOS binary
  • [29Star][8y] sektioneins/.ipa-pie-scanner Scans iPhone/iPad/iPod applications for PIE flags
  • [29Star][4y] [C] scallywag/nbtscan NetBIOS scanning tool. Currently segfaults!
  • [28Star][2y] [ObjC] dannagle/packetsender-ios Packet Sender for iOS, Send/Receive UDP/TCP
  • [28Star][10m] [C] mrmacete/r2-ios-kernelcache Radare2 plugin to parse modern iOS 64-bit kernel caches
  • [28Star][3y] [C] salmg/audiospoof Magnetic stripe spoofer implementing audio waves.
  • [28Star][4y] [Swift] urinx/device-9 实时监测网速,IP,内存大小,温度等设备信息并显示在通知中心的 iOS App
  • [27Star][1y] alonemonkey/iosrebook-issues 《iOS应用逆向与安全》 勘误
  • [27Star][27d] [Perl] hknutzen/netspoc A network security policy compiler. Netspoc is targeted at large environments with a large number of firewalls and admins. Firewall rules are derived from a single rule set. Supported are Cisco IOS, NX-OS, ASA and IPTables.
  • [27Star][3m] [Rust] marcograss/rust-kernelcache-extractor Extract a decrypted iOS 64-bit kernelcache
  • [27Star][8m] [Py] qingxp9/cve-2019-6203-poc PoC for CVE-2019-6203, works on < iOS 12.2, macOS < 10.14.4
  • [27Star][5m] [Py] mvelazc0/purplespray PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpose of generating attack telemetry in properly monitored Windows enterprise environments
  • [26Star][2y] [C++] cuitche/code-obfuscation 一款iOS代码混淆工具(A code obfuscation tool for iOS.)
  • [26Star][5m] [HTML] devnetsandbox/sbx_multi_ios Sample code, examples, and resources for use with the DevNet Multi-IOS Sandbox
  • [26Star][4y] [ObjC] qiuyuzhou/shadowsocks-ios No maintaining. Try this
  • [26Star][3y] [ObjC] nabla-c0d3/ios-reversing Some iOS tools and scripts from 2014 for iOS reversing.
  • [26Star][5m] [Swift] itsjohnye/lead-ios a featherweight iOS SS proxy client with interactive UI
  • [25Star][2y] [C] embedi/tcl_shellcode A template project for creating a shellcode for the Cisco IOS in the C language
  • [25Star][1y] [HTML] 649/crash-ios-exploit Repository dedicated to storing a multitude of iOS/macOS/OSX/watchOS crash bugs. Some samples need to be viewed as raw in order to see the Unicode. Please do not intentionally abuse these exploits.
  • [24Star][6y] [ObjC] samdmarshall/ios-internals iOS related code
  • [23Star][5y] [Ruby] claudijd/bnat "Broken NAT" - A suite of tools focused on detecting and interacting with publicly available BNAT scenerios
  • [23Star][1y] [ObjC] rpwnage/warri0r ios 12 Sandbox escape POC
  • [22Star][2y] jasklabs/blackhat2017 Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases
  • [22Star][4y] sunkehappy/ios-reverse-engineering-tools-backup Some guys find the old lsof could not be downloaded. But I have it and I want to share it.
  • [22Star][1y] [PHP] svelizdonoso/asyrv ASYRV es una aplicación escrita en PHP/MySQL, con Servicios Web mal desarrollados(SOAP/REST/XML), esperando ayudar a los entusiastas de la seguridad informática a comprender esta tecnología tan utilizada hoy en día por las Organizaciones.
  • [21Star][2y] troydo42/awesome-pen-test Experiment with penetration testing Guides and Tools for WordPress, iOS, MacOS, Wifi and Car
  • [20Star][1y] [C] downwithup/cve-2018-16712 PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)
  • [20Star][1y] [Ruby] martinvigo/ransombile Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life when having physical access to a locked mobile device
  • [19Star][3y] [Swift] depoon/injectiblelocationspoofing Location Spoofing codes for iOS Apps via Code Injection
  • [19Star][1y] [ObjC] frpccluster/frpc-ios IOS,苹果版frpc.一个快速反向代理,可帮助您将NAT或防火墙后面的本地服务器暴露给Internet。
  • [19Star][6y] [Logos] iosre/iosrelottery
  • [18Star][12d] [Py] adafruit/adafruit_circuitpython_rfm9x CircuitPython module for the RFM95/6/7/8 LoRa wireless 433/915mhz packet radios.
  • [16Star][4y] ashishb/ios-malware iOS malware samples
  • [16Star][2y] [ObjC] mikaelbo/updateproxysettings A simple iOS command line tool for updating proxy settings
  • [16Star][1y] [Py] r3dxpl0it/cve-2018-4407 IOS/MAC Denial-Of-Service [POC/EXPLOIT FOR MASSIVE ATTACK TO IOS/MAC IN NETWORK]
  • [15Star][2y] [Objective-C++] ay-kay/cda iOS command line tool to search for installed apps and list container paths (bundle, data, group)
  • [15Star][2y] [Py] mathse/meltdown-spectre-bios-list a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
  • [15Star][2y] [Swift] vgmoose/nc-client [iOS] netcat gui app, for using the 10.1.x mach_portal root exploit on device
  • [15Star][12m] aliasrobotics/rctf Scenarios of the Robotics CTF (RCTF), a playground to challenge robot security.
  • [14Star][2m] refractionpoint/limacharlie Old home of LimaCharlie, open source EDR
  • [14Star][7y] [Py] trotsky/insyde-tools (Inactive) Tools for unpacking and modifying an InsydeH2O UEFI BIOS now merged into coreboot
  • [14Star][5y] [C] yifanlu/polipo-ios iOS port of Polipo caching HTTP proxy
  • [13Star][1y] [ObjC] omerporze/toothfairy CVE-2018-4330 POC for iOS
  • [13Star][6y] [Py] yuejd/ios_restriction_passcode_crack---python-version Crack ios Restriction PassCode in Python
  • [13Star][2m] [Shell] ewypych/icinga-domain-expiration-plugin Icinga2/Nagios plugin for checking domain expiration
  • [12Star][8y] [C] akgood/iosbasicconstraintsworkaround Proof-of-Concept OpenSSL-based workaround for iOS basicConstraints SSL certificate validation vulnerability
  • [12Star][10m] [Py] wyatu/cve-2018-4407 CVE-2018-4407 IOS/macOS kernel crash
  • [11Star][8m] [Swift] sambadiallob/pubnubchat An anonymous chat iOS app made using PubNub
  • [11Star][3y] [ObjC] flankerhqd/descriptor-describes-toctou POCs for IOMemoryDescriptor racing bugs in iOS/OSX kernels
  • [10Star][1y] [Py] zteeed/cve-2018-4407-ios POC: Heap buffer overflow in the networking code in the XNU operating system kernel
  • [9Star][2y] [Logos] asnowfish/ios-system iOS系统的逆向代码
  • [9Star][4y] [C] yigitcanyilmaz/iohideventsystemuserclient iOS Kernel Race Vulnerability (Patched on iOS 9.3.2,OSX 10.11.5,tvOS 9.2.1 by Apple)
  • [9Star][2y] [C] syst3ma/cisco_ios_research
  • [9Star][2m] nemo-wq/privilege_escalation Lab exercises to practice privilege escalation scenarios in AWS IAM. These exercises and the slides go through the basics behind AWS IAM, common weaknesses in AWS deployments, specific to IAM, and how to exploit them manually. This was run as a workshop at BruCon 2019.
  • [9Star][2y] [C] syst3ma/cisco_ios_research
  • [8Star][6y] [C] linusyang/sslpatch Patch iOS SSL vulnerability (CVE-2014-1266)
  • [8Star][2y] pinczakko/nsa_bios_backdoor_articles PDF files of my articles on NSA BIOS backdoor
  • [8Star][2y] [JS] ansjdnakjdnajkd/frinfo Dump files, data, cookies, keychain and etc. from iOS device with one click.
  • [7Star][7y] [ObjC] hayaq/recodesign Re-codesigning tool for iOS ipa file
  • [7Star][11m] [Py] shawarkhanethicalhacker/cve-2019-8389 [CVE-2019-8389] An exploit code for exploiting a local file read vulnerability in Musicloud v1.6 iOS Application
  • [7Star][1y] [C] ukern-developers/xnu-kernel-fuzzer Kernel Fuzzer for Apple's XNU, mainly meant for the iOS operating system
  • [6Star][2y] [C] jduncanator/isniff Packet capture and network sniffer for Apple iOS devices (iPhone / iPod). An implementation of iOS 5+ Remote Virtual Interface service and pcapd.
  • [6Star][6y] [Shell] rawrly/juicejacking Several script and images used with the juice jacking kiosks
  • [6Star][8y] [Ruby] spiderlabs/bnat-suite "Broken NAT" - A suite of tools focused on detecting/exploiting/fixing publicly available BNAT scenerios
  • [4Star][12m] anonymouz4/apple-remote-crash-tool-cve-2018-4407 Crashes any macOS High Sierra or iOS 11 device that is on the same WiFi network
  • [4Star][2y] [C] chibitronics/ltc-os ChibiOS-based operating system for the Love-to-Code project
  • [4Star][2y] [Swift] crazyquark/keysafe A technical demo on how to use KeySecGeneratePair() with the secure enclave in iOS 9+
  • [4Star][8y] [ObjC] spiderlabs/twsl2011-007_ios_code_workaround Workaround for the vulnerability identified by TWSL2011-007 or CVE-2008-0228 - iOS x509 Certificate Chain Validation Vulnerability
  • [3Star][3y] [ObjC] susnmos/xituhook 逆向分析及修复稀土掘金iOS版客户端闪退bug
  • [3Star][4y] [Py] torque59/yso-mobile-security-framework Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.
  • [3Star][1y] tthtlc/awesome_malware_techniques This will compile a list of Android, iOS, Linux malware techniques for attacking and detection purposes.
  • [3Star][4y] [Py] tudorthe1ntruder/rubber-ducky-ios-pincode-bruteforce
  • [2Star][3y] [Py] alexplaskett/needle The iOS Security Testing Framework.
  • [2Star][5y] [HTML] dhirajongithub/owasp-kalp-mobile-project-ios-app OWASP KALP Mobile Project is an iOS application developed for users to view OWASP Top 10 (WEB and MOBILE) on mobile device.
  • [2Star][2y] [C] kigkrazy/hookzz a cute hook framwork for arm/arm64/ios/android
  • [2Star][4y] [C] ohdarling/potatso-ios Potatso is an iOS client that implements Shadowsocks proxy with the leverage of NetworkExtension framework in iOS 9.
  • [2Star][1y] [Py] zeng9t/cve-2018-4407-ios-exploit CVE-2018-4407,iOS exploit
  • [2Star][2y] nrollr/ios Ivan Krstić - Black Hat 2016 presentation
  • [1Star][10m] [Ruby] hercules-team/augeasproviders_nagios Augeas-based nagios types and providers for Puppet
  • [1Star][4y] [Go] jordan2175/ios-passcode-crack Tool for cracking the iOS restrictions passcode
  • [0Star][2y] [ObjC] joedaguy/exploit11.2 Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087.
  • [0Star][3y] [C] maximehip/extra_recipe Ian Beer's exploit for CVE-2017-2370 (kernel memory r/w on iOS 10.2)
  • [0Star][6y] [ObjC] skycure/skycure_news Sample news iOS application
  • [0Star][2y] [Py] tsunghowu/diskimagecreator A python utility to process the input raw disk image and sign MBR/partitions with given corresponding keys. This tool is designed to help people attack the machine with a secure chain-of-trust boot process in UEFI BIOS.
  • [0Star][3y] [Swift] jencisov/stackview POC project of StackViews on iOS
  • [0Star][2m] [HTML] dotnetnicaragua/example-xss-crosssitescripting Ejemplo de vulnerabilidad: A7 - Secuencia de Comandos en Sitios Cruzados (XSS) según OWASP TOP 10 2017

Posts&&Videos

Recent Add

Cuckoo

Tools

Recent Add

Post&&Videos

DBI

DynamoRIO

Tools

DynamoRIO

Recent Add

With Other Tools

Posts&&Videos

IntelPin

Tools

Recent Add

  • [424Star][5y] [C++] jonathansalwan/pintools Pintool example and PoC for dynamic binary analysis
  • [299Star][2m] [C] vusec/vuzzer depends heavily on a modeified version of DataTracker, which in turn depends on LibDFT pintool.
  • [148Star][5y] [C++] f-secure/sulo Dynamic instrumentation tool for Adobe Flash Player built on Intel Pin
  • [123Star][6m] [C++] hasherezade/tiny_tracer A Pin Tool for tracing API calls etc
  • [65Star][3y] [C++] m000/dtracker DataTracker: A Pin tool for collecting high-fidelity data provenance from unmodified programs.
  • [60Star][2y] [C++] hasherezade/mypintools Tools to run with Intel PIN
  • [48Star][9m] [C++] angorafuzzer/libdft64 libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
  • [48Star][7y] [C++] cr4sh/code-coverage-analysis-tools Code coverage analysis tools for the PIN Toolkit
  • [39Star][4y] [C++] corelan/pin Collection of pin tools
  • [36Star][3y] [C++] paulmehta/ablation Augmenting Static Analysis Using Pintool: Ablation
  • [30Star][4y] [C++] 0xddaa/pin Use Intel Pin tools to analysis binary.
  • [27Star][1y] [C++] fdiskyou/winalloctracer Pintool that logs and tracks calls to RtlAllocateHeap, RtlReAllocateHeap, RtlFreeHeap, VirtualAllocEx, and VirtualFreeEx.
  • [26Star][7y] [C++] jingpu/pintools
  • [25Star][2m] [C++] boegel/mica a Pin tool for collecting microarchitecture-independent workload characteristics
  • [22Star][6y] [C++] jbremer/pyn Awesome Python bindings for Pintool
  • [18Star][1y] bash-c/pin-in-ctf 使用intel pin来求解一部分CTF challenge
  • [12Star][3y] [C++] netspi/pin Intel pin tools
  • [6Star][2y] [C++] spinpx/afl_pin_mode Yet another AFL instrumentation tool implemented by Intel Pin.

With Other Tools

No Category

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

284 stars

Watchers

5 watching

Forks

42 forks
Report repository

Releases

No releases published

Packages

No packages published