{"id":13646842,"url":"https://github.com/blacktop/ipsw","last_synced_at":"2026-04-16T06:06:54.630Z","repository":{"id":38553671,"uuid":"146060123","full_name":"blacktop/ipsw","owner":"blacktop","description":"iOS/macOS Research Swiss Army Knife","archived":false,"fork":false,"pushed_at":"2026-03-30T19:27:13.000Z","size":209226,"stargazers_count":3297,"open_issues_count":26,"forks_count":252,"subscribers_count":34,"default_branch":"master","last_synced_at":"2026-03-30T21:23:27.684Z","etag":null,"topics":["apple","class-dump","dyld","dyld-shared-cache","firmware","golang","img4","ios","ipsw","kernelcache","lzfse","lzss","macho","macho-parser","macos","ota","swift","swift-dump"],"latest_commit_sha":null,"homepage":"https://blacktop.github.io/ipsw","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/blacktop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"patreon":"blacktop_","ko_fi":"blacktop"}},"created_at":"2018-08-25T03:05:41.000Z","updated_at":"2026-03-30T20:46:37.000Z","dependencies_parsed_at":"2025-12-06T10:07:13.462Z","dependency_job_id":null,"html_url":"https://github.com/blacktop/ipsw","commit_stats":{"total_commits":4008,"total_committers":19,"mean_commits":"210.94736842105263","dds":"0.040668662674650746","last_synced_commit":"befcc74bb89eb58708d3880bb0147e36488c0b26"},"previous_names":[],"tags_count":946,"template":false,"template_full_name":null,"purl":"pkg:github/blacktop/ipsw","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blacktop%2Fipsw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blacktop%2Fipsw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blacktop%2Fipsw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blacktop%2Fipsw/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/blacktop","download_url":"https://codeload.github.com/blacktop/ipsw/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blacktop%2Fipsw/sbom","scorecard":{"id":242308,"data":{"date":"2025-08-11","repo":{"name":"github.com/blacktop/ipsw","commit":"e1ad160d0d461c9abf1ce28f81d772e2496ec343"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.8,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:24","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:25","Info: jobLevel 'contents' permission set to 'read': .github/workflows/docker-image.yml:19","Warn: no topLevel permission defined: .github/workflows/apple-meta.yml:1","Warn: no topLevel permission defined: .github/workflows/claude.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/depsreview.yaml:5","Warn: no topLevel permission defined: .github/workflows/discord.yml:1","Warn: no topLevel permission defined: .github/workflows/docker-image.yml:1","Warn: no topLevel permission defined: .github/workflows/docs.yml:1","Warn: no topLevel permission defined: .github/workflows/go.yml:1","Warn: no topLevel permission defined: .github/workflows/goproxy.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/stale.yml:1","Warn: no topLevel permission defined: .github/workflows/update-entitlements-db.yml:1","Warn: no topLevel permission defined: .github/workflows/update-fcs-keys.yml:1","Warn: no topLevel permission defined: .github/workflows/webkit-meta.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/docker-image.yml:14"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/apple-meta.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/apple-meta.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/apple-meta.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/apple-meta.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/apple-meta.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/apple-meta.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/claude.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/claude.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depsreview.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/depsreview.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depsreview.yaml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/depsreview.yaml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/discord.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/discord.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/discord.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/discord.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-image.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-image.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docker-image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docs.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/go.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/goproxy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/goproxy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/goproxy.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/goproxy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/stale.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-entitlements-db.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/update-entitlements-db.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-entitlements-db.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/update-entitlements-db.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-fcs-keys.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/update-fcs-keys.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-fcs-keys.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/update-fcs-keys.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/webkit-meta.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/webkit-meta.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/webkit-meta.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/webkit-meta.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/webkit-meta.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/blacktop/ipsw/webkit-meta.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:4","Warn: containerImage not pinned by hash: Dockerfile:21: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: Dockerfile.daemon:4","Warn: containerImage not pinned by hash: Dockerfile.daemon:20: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Info: 3 out of 36 GitHub-owned GitHubAction dependencies pinned","Info: 2 out of 12 third-party GitHubAction dependencies pinned","Info: 0 out of 4 containerImage dependencies pinned","Info: 2 out of 2 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: checksums.txt.sig: https://github.com/blacktop/ipsw/releases/tag/v3.1.623","Info: signed release artifact: checksums.txt.sig: https://github.com/blacktop/ipsw/releases/tag/v3.1.622","Info: signed release artifact: checksums.txt.sig: https://github.com/blacktop/ipsw/releases/tag/v3.1.621","Info: signed release artifact: checksums.txt.sig: https://github.com/blacktop/ipsw/releases/tag/v3.1.620","Info: signed release artifact: checksums.txt.sig: https://github.com/blacktop/ipsw/releases/tag/v3.1.619","Warn: release artifact v3.1.623 does not have provenance: https://api.github.com/repos/blacktop/ipsw/releases/232398143","Warn: release artifact v3.1.622 does not have provenance: https://api.github.com/repos/blacktop/ipsw/releases/232084547","Warn: release artifact v3.1.621 does not have provenance: https://api.github.com/repos/blacktop/ipsw/releases/229882816","Warn: release artifact v3.1.620 does not have provenance: https://api.github.com/repos/blacktop/ipsw/releases/229803203","Warn: release artifact v3.1.619 does not have provenance: https://api.github.com/repos/blacktop/ipsw/releases/228879423"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: SAST configuration detected: CodeQL","Info: all commits (1) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"17 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-q7pp-wcgr-pffx","Warn: Project is vulnerable to: GO-2025-3829","Warn: Project is vulnerable to: GO-2025-3548","Warn: Project is vulnerable to: GO-2025-3557","Warn: Project is vulnerable to: GO-2025-3558","Warn: Project is vulnerable to: GO-2025-3559","Warn: Project is vulnerable to: GO-2025-3582","Warn: Project is vulnerable to: GO-2025-3689","Warn: Project is vulnerable to: GO-2025-3695","Warn: Project is vulnerable to: GO-2025-3824","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-f7f6-9jq7-3rqj","Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh","Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-17T06:53:32.297Z","repository_id":38553671,"created_at":"2025-08-17T06:53:32.297Z","updated_at":"2025-08-17T06:53:32.297Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31307347,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apple","class-dump","dyld","dyld-shared-cache","firmware","golang","img4","ios","ipsw","kernelcache","lzfse","lzss","macho","macho-parser","macos","ota","swift","swift-dump"],"created_at":"2024-08-02T01:03:09.686Z","updated_at":"2026-04-02T13:54:53.623Z","avatar_url":"https://github.com/blacktop.png","language":"Go","readme":"\u003cp align=\"center\"\u003e\n \u003ca href=\"https://github.com/blacktop/ipsw\"\u003e\u003cimg alt=\"IPSW Logo\" src=\"https://github.com/blacktop/ipsw/raw/master/www/static/img/logo/ipsw.svg\" height=\"140\" /\u003e\u003c/a\u003e\n \u003ch1 align=\"center\"\u003eipsw\u003c/h1\u003e\n \u003ch4\u003e\u003cp align=\"center\"\u003eiOS/macOS Research Swiss Army Knife\u003c/p\u003e\u003c/h4\u003e\n \u003cp align=\"center\"\u003e\n \u003ca href=\"https://github.com/blacktop/ipsw/actions\" alt=\"Actions\"\u003e\n \u003cimg src=\"https://github.com/blacktop/ipsw/actions/workflows/go.yml/badge.svg\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://github.com/blacktop/ipsw/releases/latest\" alt=\"Downloads\"\u003e\n \u003cimg src=\"https://img.shields.io/github/downloads/blacktop/ipsw/total.svg\" /\u003e\u003c/a\u003e\n \u003ca href=\"https://github.com/blacktop/ipsw/releases\" alt=\"GitHub Release\"\u003e\n \u003cimg src=\"https://img.shields.io/github/release/blacktop/ipsw.svg\" /\u003e\u003c/a\u003e\n \u003ca href=\"http://doge.mit-license.org\" alt=\"LICENSE\"\u003e\n \u003cimg src=\"https://img.shields.io/:license-mit-blue.svg\" /\u003e\u003c/a\u003e\n\u003c/p\u003e\n\u003cbr\u003e\n\n## What is `ipsw` šŸ¤”\n\n**ipsw** is a comprehensive command-line research framework for iOS and macOS. It provides an extensive toolkit for security researchers, reverse engineers, jailbreak developers, and iOS enthusiasts to download, parse, and analyze Apple firmware and interact with iOS devices.\n\n### Core Capabilities\n\n- šŸ“± **IPSW/OTA Analysis** - Download, extract, and analyze iOS firmware files\n- šŸ” **Binary Analysis** - Advanced Mach-O parsing with ARM disassembly and AI assistance \n- šŸ§  **dyld_shared_cache** - Complete shared cache analysis with ObjC/Swift class dumping\n- šŸ”§ **Kernel Analysis** - Kernelcache parsing, syscall extraction, and symbolication\n- šŸ“² **Device Interaction** - Comprehensive iOS device management and debugging\n- šŸ” **Firmware Research** - IMG4, iBoot, SEP, and co-processor firmware analysis\n- šŸŖ **App Store Connect** - Full API integration for app and certificate management\n- šŸ› ļø **Developer Tools** - SSH, Frida, debugging, and reverse engineering utilities\n\n## Quick Start\n\n### Installation\n\n#### macOS\nUsing blacktop tap (includes extras)\n```bash\nbrew install blacktop/tap/ipsw\n```\nUsing official Homebrew formula\n```bash\nbrew install ipsw\n```\n\n#### Linux\n```bash\nsudo snap install ipsw\n```\n\n#### Windows\n```bash\nscoop bucket add blacktop https://github.com/blacktop/scoop-bucket.git \nscoop install blacktop/ipsw\n```\n\n### Basic Usage\n\n```bash\n# Download latest iOS IPSW\nipsw download ipsw --device iPhone16,1 --latest\n\n# Extract kernelcache\nipsw extract --kernel iPhone16,1_18.2_22C150_Restore.ipsw\n\n# Analyze dyld_shared_cache\nipsw dyld info /path/to/dyld_shared_cache_arm64\n\n# Get device information\nipsw idev list\n```\n\n## Major Features\n\n### šŸ“± IPSW \u0026 OTA Management\n- **Download Sources**: Apple, AppleDB, Developer Portal, RSS feeds, GitHub, iTunes, Wikipedia\n- **File Types**: IPSW, OTA, macOS installers, Xcode, KDKs, PCC files\n- **Operations**: Extract, diff, mount, analyze metadata\n\n```bash\nipsw download ipsw --device iPhone16,1 --latest\nipsw extract --kernel iPhone16,1_18.2_22C150_Restore.ipsw\nipsw diff iPhone16,1_18.1_22B83_Restore.ipsw iPhone16,1_18.2_22C150_Restore.ipsw\n```\n\n### šŸ” Binary Analysis \u0026 Reverse Engineering\n- **Mach-O Parsing**: Complete binary analysis with symbol extraction\n- **ARM Disassembly**: ARM v9-a disassembler with AI-powered analysis\n- **Code Signing**: Verify signatures, analyze entitlements\n- **Binary Patching**: Add, modify, or remove patches\n\n```bash\nipsw macho info /path/to/binary\nipsw macho disass /path/to/binary --symbol _main\nipsw macho search /path/to/binary --string \"password\"\n```\n\n### šŸ§  dyld_shared_cache Analysis\n- **Cache Parsing**: Extract and analyze the complete shared cache structure\n- **ObjC Analysis**: Class dumps, method analysis, protocol parsing\n- **Swift Support**: Swift class dumping and analysis (experimental)\n- **Symbol Management**: Symbol extraction and address resolution\n\n```bash\nipsw dyld info /path/to/dyld_shared_cache\nipsw dyld extract /path/to/dyld_shared_cache --dylib Foundation\nipsw dyld objc class /path/to/dyld_shared_cache --class NSString\n```\n\n### šŸ“² iOS Device Interaction (`idev`)\n- **File System**: Browse and transfer files via AFC\n- **App Management**: Install, uninstall, and analyze applications\n- **Backup \u0026 Restore**: Complete device backup operations\n- **Development**: Mount developer images, capture logs, packet capture\n- **Diagnostics**: Battery info, crash logs, system diagnostics\n\n```bash\nipsw idev list\nipsw idev afc ls /\nipsw idev apps ls\nipsw idev backup create\nipsw idev syslog\n```\n\n### šŸ” Firmware \u0026 Security Analysis\n- **IMG4**: Parse and decrypt Image4 format files\n- **iBoot**: Bootloader analysis and research\n- **SEP**: Secure Enclave Processor firmware analysis\n- **AEA**: Apple Encrypted Archives decryption\n- **Co-processors**: AOP, DCP, GPU, Camera firmware analysis\n\n```bash\nipsw img4 dec iBoot.img4\nipsw fw sep iPhone16,1_18.2_22C150_Restore.ipsw\nipsw fw iboot iPhone16,1_18.2_22C150_Restore.ipsw\n```\n\n### šŸŖ App Store Connect Integration\n- **Certificate Management**: iOS/macOS certificates and profiles\n- **Device Registration**: Manage development devices\n- **App Management**: Bundle IDs, capabilities, and reviews\n- **Provisioning**: Complete provisioning profile lifecycle\n\n```bash\nipsw appstore cert ls\nipsw appstore device reg --name \"My Device\" --udid 1234567890\nipsw appstore profile create --name \"Development Profile\"\n```\n\n### šŸ› ļø Advanced Research Tools\n- **Symbolication**: Crash log analysis and symbol resolution\n- **Class Dumping**: ObjC and Swift class extraction\n- **SSH Access**: Jailbroken device SSH with debugserver\n- **Frida Integration**: Dynamic instrumentation capabilities\n- **AI Powered Decompiler**: Integration with Claude, OpenAI, Gemini, Ollama and OpenRouter\n\n```bash\nipsw symbolicate crash.ips --dsym /path/to/symbols\nipsw class-dump /path/to/binary\nipsw ssh debugserver\n```\n\n## Architecture\n\n**ipsw** consists of two main components:\n\n- **`ipsw`** - Main CLI tool with complete analysis capabilities\n- **`ipswd`** - REST API daemon for remote operations and automation\n\n## Configuration\n\nipsw supports YAML configuration files and environment variables:\n\n```bash\n# Create config directory\nmkdir -p ~/.config/ipsw\n\n# Copy example config\ncp config.example.yml ~/.config/ipsw/config.yaml\n```\n\n### Database Support\n- **SQLite** (default) - Local storage\n- **PostgreSQL** - Production deployments\n\n### AI Decompiler\n\u003e https://blacktop.github.io/ipsw/docs/guides/decompiler\n```bash\nā± ipsw macho disass /System/Library/PrivateFrameworks/ApplePushService.framework/apsd --entry \\\n --dec --dec-model \"Claude 3.7 Sonnet\"\n ā€¢ Loading symbol cache file...\n ā€¢ Decompiling... šŸ•’\n```\n```objc\nint main(int argc, char *argv[]) {\n @autoreleasepool {\n __set_user_dir_suffix(@\"com.apple.apsd\");\n\n @autoreleasepool {\n APSDaemon *daemon = [[APSDaemon alloc] init];\n\n if (daemon) {\n NSRunLoop *runLoop = [NSRunLoop currentRunLoop];\n [runLoop run];\n [runLoop release];\n }\n\n [daemon release];\n }\n\n return 0;\n }\n\n @catch (NSException *exception) {\n if ([exception reason] == 1) {\n id exceptionObj = [exception retain];\n id logger = [APSLog daemon];\n\n if (_os_log_type_enabled(logger, 0x11)) {\n [exceptionObj logWithLogger:logger];\n }\n\n [logger release];\n [exceptionObj release];\n }\n }\n}\n```\n\n## Use Cases\n\n### Security Research\n- Vulnerability analysis and exploit development\n- Firmware security assessment\n- Binary reverse engineering\n\n### Jailbreak Development \n- Bootchain analysis and exploitation\n- Kernel extension research\n- System modification and patching\n\n### iOS Development\n- App debugging and analysis\n- Certificate and provisioning management\n- Device testing and automation\n\n### Digital Forensics\n- Device data extraction and analysis\n- Timeline reconstruction\n- Artifact analysis\n\n## Requirements\n\n- **Go**: 1.24+ (for building from source)\n- **Platform**: macOS, Linux, Windows\n- **USB**: libusb for device interaction\n- **Optional**: AI API keys for enhanced analysis\n\n## Documentation\n\n- **Website**: [https://blacktop.github.io/ipsw](https://blacktop.github.io/ipsw)\n- **API Docs**: REST API documentation available at `/docs` when running `ipswd`\n- **Examples**: Comprehensive usage examples in the documentation\n\n### SKILL.md\n\nSuper charge your AI agents with `ipsw` super powers\n\n```bash\nnpx skills add https://github.com/blacktop/ipsw-skill --skill ipsw\n```\n\n### šŸ†• AI-Powered Wiki\n\nAsk questions about the repository using AI:\n- [DeepWiki for IPSW](https://deepwiki.com/blacktop/ipsw)\n\n\u003e [!WARNING]\n\u003e AI responses may contain hallucinations - verify important information.\n\n## Community Resources\n\n### šŸ“Š IPSW Diffs\nPre-computed firmware differences: [ipsw-diffs](https://github.com/blacktop/ipsw-diffs)\n\n### šŸ’¬ Community\n\n[![Discord](https://img.shields.io/badge/DISCORD-5865F2?style=for-the-badge\u0026logo=discord\u0026logoColor=white)](https://discord.gg/BEamsHAWAh)\n[![GitHub Discussions](https://img.shields.io/badge/GITHUB_DISCUSSION-181717?style=for-the-badge\u0026logo=github\u0026logoColor=white)](https://github.com/blacktop/ipsw/discussions)\n\n## Contributing\n\nWe welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.\n\n### Development\n```bash\ngit clone https://github.com/blacktop/ipsw.git\ncd ipsw\nmake build\n```\n\n## Known Issues\n\n- **macOS IPSW Support**: Some macOS firmware operations may have compatibility issues\n- **Testing**: Comprehensive testing is challenging due to the variety of firmware versions and device types\n- **Resource Intensive**: Some operations require significant memory and processing power\n\n\u003e Create an [issue](https://github.com/blacktop/ipsw/issues) if you encounter problems - fixes are prioritized! A comprehensive test suite is planned for future releases.\n\n## Credits\n\nHuge thanks to:\n- **Jonathan Levin** for his legendary tools and comprehensive iOS internals documentation\n- **The iOS research community** for continuous innovation and knowledge sharing\n- All contributors who help make this project better\n\n## Stargazers\n\n[![Stargazers over time](https://starchart.cc/blacktop/ipsw.svg?variant=adaptive)](https://starchart.cc/blacktop/ipsw)\n\n## License\n\nMIT Copyright (c) 2018-2026 **blacktop**","funding_links":["https://patreon.com/blacktop_","https://ko-fi.com/blacktop"],"categories":["Go","Uncategorized","Weapons"],"sub_categories":["Uncategorized","iOS"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblacktop%2Fipsw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblacktop%2Fipsw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblacktop%2Fipsw/lists"}