jhftss

POC

A public collection of POCs & Exploits for the vulnerabilities I discovered

CVE-2022-22639

CVE-2022-22639: Get a Root Shell on macOS Monterey

IDA2Obj

Static Binary Instrumentation

One-Click-Demo

One-Click to Completely Take Over A macOS Device

jhftss.github.io

Mickey's Blogs

BlockViewer

Collapse and uncollapse the code block in IDA pseudocode view.

AFL

american fuzzy lop - a security-oriented fuzzer

GDA-android-reversing-Tool

GDA is a new fast and powerful decompiler for the APK, DEX, ODEX, OAT, JAR, AAR and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption and encryption etc.

iomfb-exploit

Exploit for CVE-2021-30807

ipatool

A cli tool for interacting with iOS app packages, known as ipa files.

passionfruit

[WIP] Crappy iOS app analyzer

SockFuzzer

syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer

wtf

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.

AFLplusplus

afl++ is afl 2.56b with community patches, AFLfast power schedules, qemu 3.1 upgrade + laf-intel support, MOpt mutators, InsTrim instrumentation, unicorn_mode, Redqueen and a lot more!

ApplicationInspector

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Blizzard-Jailbreak

An Open-Source iOS 11.0 -> 11.4.1 (soon iOS 13) Jailbreak, made for teaching purposes.

CiDllDemo

Use ci.dll API for validating Authenticode signature of files

class-dump

Generate Objective-C headers from Mach-O files.

Crescendo

Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.

frida

Clone this repo to build Frida

Fugu14

Fugu14 is an untethered iOS 14.3-14.5.1 jailbreak

Hades

Static code auditing system

HyperDbg

HyperDbg debugger is an open-source, user mode and kernel mode Windows debugger with a focus on using hardware technologies.

Nero

Code and resources for the paper: "Neural Reverse Engineering of Stripped Binaries using Augmented Control Flow Graphs"

objc2

C2 using the full power of NSExpressions to replace in memory dylib loading

PeaceMaker

PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.

retrowrite

RetroWrite -- Retrofitting compiler passes though binary rewriting

RMS-Runtime-Mobile-Security

Runtime Mobile Security (RMS) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime

UTM

Virtual machines for iOS and macOS