Scripts, plugins, and information for working with Samsung's Shannon baseband.

the LLM vulnerability scanner

A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).

Multi-architecture emulation for the modern era.

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

CudaPAD is a PTX/SASS viewer for NVIDIA Cuda kernels and provides an on-the-fly view of the assembly.

Ghidra extension to add support for AMD F32 microcode isa

Tegra2/X1/X1+ emulation

Tegra2/X1/X1+ emulation

low-level Tegra X1 AArch64 emulator using Unicorn

The legendary hero that can create various Nintendo Switch formats from her rusty crossbows

A tiling window manager for macOS based on binary space partitioning

Pishi is a code coverage tool like kcov for macOS.

Qualcomm Hexagon decompiler for Ghidra 11.2/11.0/10.4 (Consider using https://github.com/CUB3D/ghidra-hexagon-sleigh instead)

Vulkan bindings for Rust

nanoMIPS module for Ghidra

A Python library to ease the development of encoders and decoders for various protocols and file formats, especially telecom ones. Provides an ASN.1 compiler and a CSN.1 runtime.

LLEF is a plugin for LLDB to make it more useful for RE and VR

XPC sniffer using LLDB

MetalANGLE: OpenGL ES to Metal API translation layer

Tracing of iOS/macOS binaries using HW single step and Frida DBI

An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring.

Hexag00n: A collection of reverse engineering tools for the Qualcomm Digital Signal Proccesor (QDSP6)

A tool for debugging macOS virtual machines

PASTIS: Collaborative Fuzzing Framework

Raw syscalls, in pure Swift!

Library for reading and patching xnu KernelCaches and a tool to disable loading of AppleSerialShim for m1n1 UART debugging over USB-C aux lines.

tart, but with custom AVPBooter ROM, serial I/O, DFU mode, GDB debugging (port 8000), and panic halting. See help menus for `tart create` and `tart run` for more info. Requires SIP/AMFI to be disab…