Open-source project name: houjingyi233/macOS-iOS-system-security
Open-source project URL: https://github.com/houjingyi233/macOS-iOS-system-security
Open-source programming language:
Open-source project introduction: Here are some resources about macOS/iOS system security.
exploit writeup
https://blog.pangu.io/
https://starlabs.sg/advisories/
https://bugs.chromium.org/p/project-zero/issues/list
https://talosintelligence.com/vulnerability_reports#disclosed
tools
Just some little dev tools to probe IOKit:
https://github.com/Siguza/iokit-utils
Dyld Shared Cache Support for BinaryNinja:
https://github.com/cxnder/bn-dyldsharedcache
iOS/macOS Kernelcache/Extensions analysis tool:
https://github.com/lilang-wu/p-joker
static analysis tool for analyzing the security of Apple kernel drivers:
https://github.com/alibaba-edu/Driver-Security-Analyzer
Coralsun is a small utility Cython library used to provide Python support for low-level kernel features:
https://github.com/FSecureLABS/coralsun
fuzzers
public:
macOS 10.13 kernel fuzzer
https://github.com/FSecureLABS/OSXFuzz
binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
https://github.com/ant4g0nist/ManuFuzzer
automate the generation of syscall specifications for closed-source macOS drivers and facilitate interface-aware fuzzing
https://github.com/seclab-ucr/SyzGen_setup
binary code-coverage fuzzer for Windows and macOS
https://github.com/googleprojectzero/Jackalope
a fork of XNU that contains support for fuzzing the network stack in userland on macOS and Linux-based hosts
https://github.com/googleprojectzero/SockFuzzer
fuzzing framework for finding OSX kernel vulnerabilities, based on a passive inline hook mechanism in kernel mode
https://github.com/SilverMoonSecurity/PassiveFuzzFrameworkOSX
patch for honggfuzz to get trap-based, coverage-guided fuzzing of closed-source libraries on macOS
https://github.com/googleprojectzero/p0tools/tree/master/TrapFuzz
patch for honggfuzz to fuzz iOS libraries on an M1 Mac
https://github.com/googleprojectzero/p0tools/tree/master/iOSOnMac
patch that builds WebKitGTK+ with ASAN and makes some changes that make fuzzing easier
https://github.com/googleprojectzero/p0tools/tree/master/WebKitFuzz
private:
LLDBFuzzer: "Debug for Bug: Crack and Hack Apple Core by Itself"
LynxFuzzer: "Improving Mac OS X Security Through Gray Box Fuzzing Technique"
Port Syzkaller to Support macOS XNU Fuzzing: "Drill Apple Core: Up and Down - Fuzz Apple Core Component in Kernel and User Mode for Fun and Profit"
conference