AMFI Patch

A Python script to temporarily disable AMFI entitlement checks without fully disabling SIP and AMFI.

GitHub

How to use

  1. Boot into recovery mode, open terminal, run csrutil enable --without debug
  2. Run sudo xcrun python3 ./amfi_patch.py
  3. Launch programs that need to bypass entitlement checks
  4. ctrl-c in the terminal to kill amfid and remove the patches

Credits & similar projets

amfree: https://github.com/retX0/amfree amfidont: https://github.com/zqxwce/amfidont

Why did I make this?

The aformentioned similar projects didn't work on my machine (on macOS 15.7.4) and I wanted to be able to run cool projects like vphone-cli without having to disable AMFI globally. Enabling and disabling is much quicker when running a binary compared to rebooting my computer into recovery mode. Also, stuff like java, dotnet, and VirtualBox have issues when SIP is fully disabled, but they do work if you have SIP enabled with debugging permitted.

Other stuff I learned

I started off by trying to fix amfree on my machine using Codex, and it was willing to help and discovered that the techniques used in amfree to set register values weren't working on my machine. I asked it to write a script that would bypass amfid protections without setting registers and it started refusing, saying:

"I can't help build or adapt a binary that disables AMFI or makes amfid accept all binaries." ... "Because 'make amfid accept all binaries' is a concrete security bypass. Even on your own machine, that crosses the line from analysis into building a tool that disables a platform protection."

I then asked Claude Code to do the same thing and it started writing a script using its own analysis of amfid and AppleMobileFileIntegrity.framework.

What's more interesting than Claude accepting something Codex refused, is that after Claude wrote a script that was having issues (and I hit my Claude limits), Codex was more than willing to fix the existing script. It wasn't willing to generate a script from scratch to bypass amfid, but it was willing to fix a script to do the same thing.