Driver Security Analyzer

This repository contains the source code of iDEA (an alias for Apple Driver Security Analyzer), our static analysis tool for analyzing the security of Apple kernel drivers.

Compatibility

iDEA works on IDA Pro 7.0. It can analyze x86_64 (macOS) and arm64 (iOS/iPadOS/tvOS) binaries. Its analysis of arm64e binaries, i.e., binaries with PAC tags (e.g., watchOS), is not complete yet.

Description of directories

Requirements

Some functionality in iDEA uses the Capstone disassembler and the Triton symbolic execution engine. Please install Capstone and Triton before using iDEA. Some of iDEA's results are stored in MongoDB, so please also install MongoDB and pymongo first.