Pishi is a code coverage tool like kcov for macOS.

MCP Server for Ghidra

MCP Server for IDA Pro

An IOKit kext designed for microarchitectural security research on M1

macOS kext with kernel R/W, kalloc and kcall

WTF Snapshot fuzzing of macOS targets

CVE-2024-53691

Escape macOS Sandbox using sharedfilelistd exploit

Project Zero Docs and Tools

Private Cloud Compute (PCC)

iOS/macOS Research Swiss Army Knife

Apple Silicon devices emulated on QEMU, currently only iPhone 11.

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months …

Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.

Extract Binaries from Apple's Dyld Shared Cache

An introduction to ARM64 assembly on Apple Silicon Macs

XNU kernel, Kernel Collection and CodeQL build scripts

Scripts of possible interest to macOS admins

POC for CVE-2024-27804

This is the full file system fuzzing framework that I presented at the Hack in the Box 2020 Lockdown Edition conference in April.

Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability

CVE-2024-3400 Palo Alto OS Command Injection

Dev tools for probing IOKit

An IDA Toolkit for analyzing iOS kernelcaches.

A tool that is used to hunt vulnerabilities in x64 WDM drivers