This script hooks into macOS amfid to grant restricted entitlements to selected executables. Tested on macOS 15.4.
Only disabling Debugging Restrictions (ALLOW_TASK_FOR_PID) is
required and other SIP restrictions can be left enabled:
James Gill JJTech0130
JJTech0130
/ iap2.lua
Last active
May 9, 2026 21:32
iAP2 (iPod Accessory Protocol 2) Wireshark Dissector
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- iAP2 (iPod Accessory Protocol 2) | |
| -- | |
| -- Layers: | |
| -- 1. iAP2 Link — packet framing, control flags, checksums | |
| -- 2. iAP2 Session — payload interpretation based on session type | |
| -- a. Control Session messages with parameters | |
| -- b. File Transfer Session datagrams | |
| -- c. External Accessory Session datagrams | |
| -- ============================================================ |
JJTech0130
/ libressllog.js
Created
May 9, 2026 06:17
SSL keylogging for libssl.35.dylib for MobileDevice.framework
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This script implements SSL keylogging for libssl.35.dylib, which is an old version of LibreSSL. | |
| // Primarily intended to be used when debugging MobileDevice.framework, which uses it for some reason. | |
| var mod = Process.getModuleByName("libssl.35.dylib"); | |
| var gen_master = mod.findExportByName("tls1_generate_master_secret"); | |
| var keylogPath = '/tmp/keylog.txt'; | |
| var keylog = new File(keylogPath, "a"); | |
| var toHex = function(arr) { |
JJTech0130
/ usbmuxd.lua
Last active
May 24, 2026 12:12
— forked from axelkar/usbmuxd.lua
Usbmuxd protocol dissector for Wireshark. Passes TCP to Wireshark's built-in TCP dissector
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local proto_usbmuxd = Proto("usbmuxd", "Usbmuxd Protocol") | |
| proto_usbmuxd.fields.protocol = ProtoField.uint32("usbmuxd.protocol", "Message Kind", base.DEC) | |
| proto_usbmuxd.fields.length = ProtoField.uint32("usbmuxd.length", "Length", base.DEC) | |
| proto_usbmuxd.fields.magic = ProtoField.uint32("usbmuxd.magic", "Magic", base.HEX) | |
| proto_usbmuxd.fields.tx_seq = ProtoField.uint16("usbmuxd.tx_seq", "Transmit sequence", base.DEC) | |
| proto_usbmuxd.fields.rx_seq = ProtoField.uint16("usbmuxd.rx_seq", "Receive sequence", base.DEC) | |
| proto_usbmuxd.fields.version_major = ProtoField.uint32("usbmuxd.version_major", "Major version", base.DEC) | |
| proto_usbmuxd.fields.version_minor = ProtoField.uint32("usbmuxd.version_minor", "Minor version", base.DEC) |
JJTech0130
/ jjg_asm.py
Created
April 28, 2026 19:42
jjgRISC assembler for Digital Systems II at RIT
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| jjgRISC assembler | |
| Assembles fmlRISC assembly (.s) to Altera .mif format. | |
| Based on dxp_asm, which is written in C, aimed to be implemented in a cleaner way. | |
| I added support for .equ and .word directives, .word doesn't happen to be very useful for SMIOP due to the fact that you can't load PM into registers. | |
| Also, I fixed the jump implementation. Needs a second pass to calculate the label address to jump to first. | |
| I implemented support for all memnotics for all IDNs, so hopefully it should be usable for everyone. |
JJTech0130
/ ConsumerKeys.swift
Created
March 7, 2026 09:17
Creating fake/virtual USB devices on macOS using IOUSBHostControllerInterface
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ConsumerKeys.swift | |
| // Boot-protocol keyboard that reports keycodes in Consumer page (0x0C). | |
| // iOS maps consumer page usages received this way to system actions. | |
| import Foundation | |
| public final class ConsumerKeys: SyntheticHID { | |
| // MARK: - Consumer usages sent as boot-keyboard keycodes (page 0x0C, ≤ 0xFF) |
JJTech0130
/ VZUSBPassthrough.swift
Last active
March 7, 2026 09:23
Using USB passthrough with Virtualization.framework
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import Dynamic | |
| import Foundation | |
| import IOKit | |
| import Virtualization | |
| enum PassthroughError: Error { | |
| case deviceNotFound(vendor: Int, product: Int) | |
| case failedToCreateDeviceConfig(underlyingError: Error?) | |
| case failedToCreateDevice(underlyingError: Error?) | |
| case failedToAttachDevice(underlyingError: Error) |
JJTech0130
/ README.md
Created
March 3, 2026 13:15
— forked from zhaofengli/README.md
Selectively bypass entitlement validation by debugging amfid
JJTech0130
/ scorify_batch.py
Created
February 7, 2026 05:28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import csv | |
| import sys | |
| import requests | |
| from typing import Dict, Any, Optional | |
| # Configuration | |
| BASE_URL = "https://scorify.local" | |
| GRAPHQL_URL = f"{BASE_URL}/api/query" |
JJTech0130
/ scorify_minion.py
Last active
February 7, 2026 02:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import json | |
| import time | |
| import threading | |
| from datetime import datetime, timezone | |
| from typing import Dict, Any, Tuple, List | |
| import pika | |
| from pika.adapters.blocking_connection import BlockingChannel |
JJTech0130
/ carrier_bundle.py
Created
October 29, 2025 01:06
Fetch carrier bundle info from iTunes servers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import json | |
| import plistlib | |
| import requests | |
| import zipfile | |
| from io import BytesIO | |
| try: | |
| from rich import print | |
| except ImportError: | |
| print=print |
NewerOlder