CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati…

Useful resources for iOS hacking

A fuzzing framework for Hexagon baseband firmware using QEMU system emulation.

CVE-2025-31200 - @Noahhw46 figured it out

Decompiling macOS Hypervisor.framework by hand

qemu with iOS host support

Virtual machines for iOS and macOS

Pishi is a code coverage tool like kcov for macOS.

MCP Server for Ghidra

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

An IOKit kext designed for microarchitectural security research on M1

macOS kext with kernel R/W, kalloc and kcall

WTF Snapshot fuzzing of macOS targets

CVE-2024-53691

Escape macOS Sandbox using sharedfilelistd exploit

Project Zero Docs and Tools

Private Cloud Compute (PCC)

iOS/macOS Research Swiss Army Knife

Emulating Apple Silicon devices.

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months …

Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.

Extract Binaries from Apple's Dyld Shared Cache

An introduction to ARM64 assembly on Apple Silicon Macs

XNU kernel, Kernel Collection and CodeQL build scripts