Here is some resources about macOS/iOS system security.
https://starlabs.sg/advisories/
https://bugs.chromium.org/p/project-zero/issues/list
https://talosintelligence.com/vulnerability_reports#disclosed
Just some little dev tools to probe IOKit:
https://github.com/Siguza/iokit-utils
Dyld Shared Cache Support for BinaryNinja:
https://github.com/cxnder/bn-dyldsharedcache
iOS/MacOS Kernelcache/Extensions analysis tool:
https://github.com/lilang-wu/p-joker
Extract Binaries from Apple's Dyld Shared Cache:
https://github.com/arandomdev/DyldExtractor
An Application for Inspecting macOS Installer Packages:
https://mothersruin.com/software/SuspiciousPackage/
static analysis tool for analyzing the security of Apple kernel drivers:
https://github.com/alibaba-edu/Driver-Security-Analyzer
Coralsun is a small utility cython library used to provide python support for low level kernel features:
https://github.com/FSecureLABS/coralsun
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research:
https://github.com/redcanaryco/mac-monitor
a set of developer tools that help in analyzing crashes on macOS:
crashwrangler with support for Apple Silicon:
https://github.com/ant4g0nist/crashwrangler
Reliable, open-source crash reporting for iOS, macOS and tvOS:
https://github.com/microsoft/plcrashreporter
public:
macOS 10.13 kernel fuzzer
https://github.com/FSecureLABS/OSXFuzz
binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
https://github.com/ant4g0nist/ManuFuzzer
automate the generation of syscall specifications for closed-source macOS drivers and facilitate interface-aware fuzzing
https://github.com/seclab-ucr/SyzGen_setup
binary code-coverage fuzzer for Windows and macOS
https://github.com/googleprojectzero/Jackalope
a fork of XNU that contains support for fuzzing the network stack in userland on macOS and Linux-based hosts
https://github.com/googleprojectzero/SockFuzzer
fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode
https://github.com/SilverMoonSecurity/PassiveFuzzFrameworkOSX
patch honggfuzz to get coverage guided fuzzing of closed source libraries on macOS based on trap
https://github.com/googleprojectzero/p0tools/tree/master/TrapFuzz
patch honggfuzz to fuzz iOS library on M1 mac
https://github.com/googleprojectzero/p0tools/tree/master/iOSOnMac
patch that build WebKitGTK+ with ASAN and make some changes that make fuzzing easier
https://github.com/googleprojectzero/p0tools/tree/master/WebKitFuzz
AArch64 fuzzer based on the Apple Silicon hypervisor
https://github.com/Impalabs/hyperpom
private:
fuzz macOS kernel extension
KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations
Improving Mac OS X Security Through Gray Box Fuzzing Technique
fuzzer based on LLDB
Debug for Bug: Crack and Hack Apple Core by Itself
port syzkaller to macOS
Drill Apple Core: Up and Down - Fuzz Apple Core Component in Kernel and User Mode for Fun and Profit