IDA iBoot Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Installation
Copy iboot-loader.py
to the loaders folder in IDA directory.
Credits
- This code is based on argp's iBoot64helper
- iBoot-Binja-Loader
IDA loader for Apple's iBoot, SecureROM and AVPBooter
Copy iboot-loader.py
to the loaders folder in IDA directory.
IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
RTTI parser Parses RTTI information from executable. Example HexRays decompiler view Before: After: Functions window Before: After: Structs window Ins
IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t
Patching - Interactive Binary Patching for IDA Pro Overview Patching assembly code to change the behavior of an existing program is not uncommon in ma
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage
DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai
hello, i wonder how to find base address per iboot file?, what im trying, always i get this !: [i] bootloader : RELEASE [!] Failed to find base address, it's now set to 0x0 [+] Rebasing to address 0x0
IDA 7.6 on windows
thanks
Loading file 'AVPBooter.vmapple2.bin' into database...
Detected file format: SecureROM (AArch64)
0. Creating a new segment (0000000000000000-0000000000028250) ... ... OK
[i] bootloader : RELEASE
[+] Rebasing to address 0x100000
Rebasing program to 0x0000000000100000...
[+] _image4_get_partial : 0x100828
[+] _panic : 0x10367c
[+] _platform_get_usb_serial_number_string : 0x102378
[+] _platform_get_usb_more_other_string : 0x102530
[+] _task_init : 0x1042ac
[+] _arm_exception_abort : 0x10e9d4
[+] _platform_get_usb_vendor_id : 0x107d00
[+] _usb_core_init : 0x104ee0
[+] _usb_init_with_controller : 0x104f58
[+] _der_expect_ia5string : 0x1009f0
I personally doubt 0x100000 is the correct rebase address, especially given the amount of errors in the pseudo code:
Although, I'm quite new to reversing iBoot so I could be very wrong though
Fixes and improvments
Source code(tar.gz)Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc
Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as
Data analysis Document here the project: DriverDrowsinessDetector Description: Project Description Data Source: Type of analysis: Please document the
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.
DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.
SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token
Simple OSINT script to find Instagram profiles by name and e-mail/phone
The Python SE Dopp Kit is a social engineering toolkit with many purposes. It contains 5 different modules designed to be of assistance in different s
👑 Recon 👑 The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow
This repository uses a mixture of numbers, alphabets, and other symbols found on the computer keyboard to form a 16-character password which is unpredictable and cannot easily be memorised.
brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
Scripting.py is a repository being maintained to keep log of the python scripts that I create for automating and executing some of my boring manual task.
cthun3是集成端口扫描,服务识别,netbios扫描,网站识别,暴力破解和漏洞扫描的工具. cthun(克苏恩)是魔兽世界电子游戏中一位上古之神 截图 cthun3结合viper使用时截图 使用方法 端口扫描 -ps-ip 端口扫描的ip地址范围,例如可以输入 -ps-ip 192.168.14
Monty Hall Problem Simulation monty_hall_sim is a brute-force method of determining the optimal strategy for the Monty Hall Problem. Usage Set boolean
WebScan is a web vulnerability Scanning tool, which scans sites for SQL injection and XSS vulnerabilities Which is a great tool for web pentesters. Coded in python3, CLI. WebScan is capable of scanni
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
AnonStress Stored XSS Exploit An exploit and demonstration on how to exploit a S
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
Unauthenticated Sqlinjection that leads to dump database but this one impersonated Admin and drops a interactive shell
tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example