27 open-source projects similar to aidansteele/osx-abi-macho-file-format-reference, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Osx Abi Macho File Format Reference alternative.
Capstone is a multi-architecture disassembly framework and binary translation system. It converts binary machine code into human-readable assembly instructions for a wide variety of hardware instruction set architectures and virtual machines. The framework supports a diverse range of targets, including x86, ARM, RISC-V, and MIPS, as well as virtual machine environments like WebAssembly and the Ethereum Virtual Machine. It functions as an instruction analysis tool capable of extracting granular decomposition data and semantic information from disassembled code. The engine is designed for low-
ipsw is a specialized toolkit for iOS firmware analysis, binary reverse engineering, and hardware interaction. It provides a suite of tools for downloading, extracting, and analyzing firmware images and kernel caches, alongside a MachO binary analysis tool for disassembling and patching executables. The project distinguishes itself through integrated language-model-powered code reconstruction to translate machine code into high-level source code. It also features an automation client for the App Store Connect API to manage certificates and application settings. The framework covers a broad r
FunctionInliner is an IDA plugin that can be used to ease the reversing of binaries that have been space-optimized with function outlining (e.g. clang --moutline).
PacXplorer is an IDA plugin that adds XREFs between virtual functions and their call sites. This is accomplished by leveraging PAC codes in ARM64e binaries. 1. install ida-nentode somewhere IDA can import it 2. clone the repository and symlink ~/.idapro/plugins/pacxplorer.py to pacxplorer.py in…
GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
` git clone https://github.com/dubuqingfeng/ollydbg-script.git `
Binary Ninja Loader for iBoot & SecureROM
We evaluated two packer type estimation/detection tools (pypeid and Detect It Easy (DIE)) to fix this issue.
BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
32/64 bit SecureROM/iBoot loader for IDA Pro. Supports IDA Pro 7.0+ on all platforms.
mootool is an attempt at an open source replacement to the legandary jtool2 allowing it to continue to progress with the Apple research community. Ruby was selected as Homebrew maintains a good Mach-O parser that is pure (meaning it needs no dependencies other then a Ruby runtime).
A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
Objective Ninja is a Binary Ninja plugin (and workflow) which provides numerous features to assist in reverse engineering Objective-C code.
Peda is a security tool suite and exploit development framework designed for binary analysis, debugger automation, and memory inspection. It functions as a set of Python scripts that extend a debugger to automate the analysis of compiled files and the inspection of process memory. The project provides specialized utilities for memory corruption research, including a payload generation utility for creating cyclic patterns to discover buffer overflows and a gadget finder to locate return-oriented programming sequences within binaries. It differentiates itself by offering a visualization tool th
IDA loader for Apple's iBoot, SecureROM and AVPBooter.
Unicorn is a multi-architecture CPU emulation framework and library that utilizes just-in-time compilation to execute instructions across various processor architectures, including ARM, x86, and RISC-V. It functions as both a JIT compilation engine and an instrumentation tool, allowing for the execution of machine code without the need for physical hardware. The framework is distinguished by its hook-based execution instrumentation, which enables the interception of specific instructions and memory accesses to trigger custom callback functions. It provides a language-agnostic binding layer an