ExtractKeyMaster. Exploit that extracts Qualcomm's KeyMaster keys using CVE-2015-6639 and CVE-2016-2431
364android_fde_bruteforce. Scripts to bruteforce Android's Full Disk Encryption off the device
186MSM8974_exploit. Full TrustZone exploit for MSM8974
144cve-2015-6639. QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)
124Alohamora. Bootloader unlocking code for Motorola devices
103unify_trustlet. Unifies ".mdt" and ".bXX" files into a complete Trustlet
95cve-2014-7920-7921. Exploit code for CVE-2014-7920 and CVE-2014-7921 - code-exec in mediaserver up to Android 5.1
76cve-2016-2431. Qualcomm TrustZone kernel privilege escalation
66fuzz_zone. Fuzzing utility which enables sending arbitrary SCMs to TrustZone
62WarOfTheWorlds. QSEE Shellcode to directly hijack the "Normal World" Linux Kernel
55static_kallsyms. Rebuilds kallsyms statically from a kernel binary
43unpack_bootloader_image. Small script to unpack the bootloader image format present in Nexus 5 devices
40standalone_msm8974. Standalone C version of the MSM8974 TrustZone exploit
28qseecom_modifications. Modifications in the qseecom driver which enable FuzzZone to operate
25cve-2014-4322. CVE-2014-4322 Exploit
23unpack_motoboot. Unpacks the Motorola motoboot.img binary
20CrashAndBurn. Small injectable stub which causes Android processes to become dumpable
5