Open-source alternatives to Osx Abi Macho File Format Reference

PacXplorer is an IDA plugin that adds XREFs between virtual functions and their call sites. This is accomplished by leveraging PAC codes in ARM64e binaries. 1. install ida-nentode somewhere IDA can import it 2. clone the repository and symlink ~/.idapro/plugins/pacxplorer.py to pacxplorer.py in…

GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in IDA.

Corelan Repository for mona.py

Author: cynder (kat)

MachO/ObjC Analysis Editing toolkit.

` git clone https://github.com/dubuqingfeng/ollydbg-script.git `

Binary Ninja Loader for iBoot & SecureROM

We evaluated two packer type estimation/detection tools (pypeid and Detect It Easy (DIE)) to fix this issue.

QEMU Interactive Runtime Analyser

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

32/64 bit SecureROM/iBoot loader for IDA Pro. Supports IDA Pro 7.0+ on all platforms.

mootool is an attempt at an open source replacement to the legandary jtool2 allowing it to continue to progress with the Apple research community. Ruby was selected as Homebrew maintains a good Mach-O parser that is pure (meaning it needs no dependencies other then a Ruby runtime).

sephelper

A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities

Objective Ninja is a Binary Ninja plugin (and workflow) which provides numerous features to assist in reverse engineering Objective-C code.

Peda is a security tool suite and exploit development framework designed for binary analysis, debugger automation, and memory inspection. It functions as a set of Python scripts that extend a debugger to automate the analysis of compiled files and the inspection of process memory. The project provides specialized utilities for memory corruption research, including a payload generation utility for creating cyclic patterns to discover buffer overflows and a gadget finder to locate return-oriented programming sequences within binaries. It differentiates itself by offering a visualization tool th

IDA loader for Apple's iBoot, SecureROM and AVPBooter.

Binary Ninja SEPROM loader

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

A list of IDA Plugins

QEMU README

Unicorn is a multi-architecture CPU emulation framework and library that utilizes just-in-time compilation to execute instructions across various processor architectures, including ARM, x86, and RISC-V. It functions as both a JIT compilation engine and an instrumentation tool, allowing for the execution of machine code without the need for physical hardware. The framework is distinguished by its hook-based execution instrumentation, which enables the interception of specific instructions and memory accesses to trigger custom callback functions. It provides a language-agnostic binding layer an

Release Branches for MoFlow