Overview

Virtual Devices

Digital twins of Arm-powered hardware from phones to routers to automotive systems.

Hypervisor

Corellium Hypervisor for Arm (CHARM) is a type 1 hypervisor and the only one of its kind.

Arm Server

Virtual models run on Arm, just like their physical counterparts, combining native fidelity with on-demand availability.

Powerful Mobile Testing Automation Tools

• Access – Root or jailbreak devices instantly, no need to add code or use security vulnerabilities.
• Control – Configure device inputs, identifiers, sensors, location, and environment.
• X-Ray Vision – OS, app, file, and system call analytics and control.
• Introspection – Low-level kernel debugging and boot control.
• Network Analysis – Traffic inspection, tracing, and logging.
• Replication – Snapshot, clone, and share devices.
• Teaming – Easy project workspace management and team collaboration.
• Tooling – Simple connection of your favorite tools and systems.

Incredible virtual models

We provide a collection of virtual devices, or you can build your own.

iOS Testing Tools

Our iOS devices can be spun up jailbroken or non-jailbroken to facilitate security research and testing.

Android Testing Tools

Our Android models are based on Ranchu and can be rooted with permissive SELinux enforcement.

loT & Auto Library

We've partnered with Arm to provide a processor and system board model library.

Custom Models

You can create your own entirely new hardware device models or extend existing ones.

Powerful tools

Our tools are more than just a pretty screen. Powerful, built-in tools are purpose-built by developers and security experts. They enable unprecedented embedded software accessibility and introspection. The Corellium platform is accessible via a browser, CLI, or API.

Instant, seamless iOS jailbreaking

Because Corellium controls the whole software stack, we don't rely on iOS vulnerabilities to gain root access: we simply built root access in. One-click provides reliable access to untethered, jailbroken virtual devices across all iPhone models and iOS versions, typically within days of release, including betas, without using tools that withhold vulnerabilities from the OS vendor.

Designed for discovery

Our built-in tools help you research, debug, test, and explore digital twins of physical devices.

Connect

Quick Connect allows you to connect to virtual devices without a VPN. Connect via XCode, Finders, or libimobile script, and to jailbroken iOS via SSH, and Android via ADB or IDE. And easily use your favorite tools like Burp or Charles Proxy.

Files

Navigate, search, and manage the device filesystem directly from our UI, CLI, or API.

Apps

Manage and install apps from the UI, ADB or IDE. Load, launch, kill, and uninstall apps right in your browser.

Network Monitor

Monitor network traffic by process, port, IP, or PID. Also capture and inspect the flow of HTTPS traffic while transparently disabling certificate pinning.

CoreTrace

Trace and log system calls for dynamic analysis to understand a program's behavior in realtime.

Frida

Our pre-integrated Frida console makes scripting and hooking a process a snap. And easily interface directly with frida-server from your local machine.

Console

View system and kernel logs in realtime, and quickly run commands without needing to connect over ADB or SSH.

Port Forwarding

Enable port forwarding on iOS devices so they can interact in depth with systems on your local network.

Messaging

Simulate receiving text messages on your virtual iOS device.

HyperTrace

Map the exact execution paths inside the kernel, which can be useful for diagnosing kernel issues or integrated into coverage-guided fuzzers to assist with finding new inputs.

Kernel Hooks

Hook into the kernel and run short pieces of code before the trapped instruction.