frida-scripts - A collection of my Frida

  •        395

A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.

https://www.frida.re/
https://github.com/0xdea/frida-scripts

Tags
Implementation
License
Platform

   




Related Projects

appmon - Documentation:

  •    Javascript

AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. This project exists thanks to all the people who contribute.

awesome-frida - Awesome Frida - A curated list of Frida resources http://www

  •    

A curated list of awesome projects, libraries, and tools powered by Frida. Frida is Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps that run on Windows, Mac, Linux, iOS and Android.

objection - 📱 objection - runtime mobile exploration

  •    Python

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.

house - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python

  •    Python

House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python. It is designed for helping assess mobile applications by implementing dynamic function hooking and intercepting and intended to make Frida script writing as simple as possible. By default, House binds to http://127.0.0.1:8000.

YourView - YourView is a desktop App in MacOS based on Apple SceneKit

  •    Objective-C

YourView is a desktop App in MacOS. You can use it to view iOS App's view hierarchy. I think it could be a basic project in app view visualization. Depend on it, you may do your add-on functions's development such as visual tracking like mixpanel, iOS reverse tool just like reveal, frida, even though, you can develop android studio plugin for view debugging. Now I treat it as a iOS reverse tool. Now it is a version of 0.1, I will maintain continuedly. Open YourView/iOS/TalkingDataSDKDemo/TalkingDataSDKDemo.xcodeproj. It's a demo project with the libyourview source code as framework in it. Build and Run,keep the demo app in foreground.


Brida - The new bridge between Burp Suite and Frida!

  •    Java

Brida is a Burp Suite Extension that, working as a bridge between Burp Suite and Frida, lets you use and manipulate applications’ own methods while tampering the traffic exchanged between the applications and their back-end services/servers. It supports all platforms supported by Frida (Windows, macOS, Linux, iOS, Android, and QNX).

frida-ios-dump - pull decrypted ipa from jailbreak device

  •    Python

For SSH/SCP make sure you have your public key added to the target device's ~/.ssh/authorized_keys file. Congratulations!!! You've got a decrypted IPA file.

frida - Clone this repo to build Frida

  •    Makefile

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. You may also download pre-built binaries for various operating systems from Frida's releases page on GitHub.

frida-core - Frida core library intended for static linking into bindings

  •    C

Frida core library intended for static linking into bindings

frida-python - Frida Python bindings

  •    C

Python bindings for Frida.

Androl4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

  •    

AndroL4b is an android security virtual machine based on ubuntu-mate includes the collection of latest framework, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis.

react-native-config - Bring some 12 factor love to your mobile apps!

  •    Objective-C

Module to expose config variables to your javascript code in React Native, supporting both iOS and Android. Keep in mind this module doesn't obfuscate or encrypt secrets for packaging, so do not store sensitive keys in .env. It's basically impossible to prevent users from reverse engineering mobile app secrets, so design your app (and APIs) with that in mind.

MARA_Framework - MARA is a Mobile Application Reverse engineering and Analysis Framework

  •    Python

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals. MARA is developed and maintained by @xtian_kisutsa and @iamckn. It is in its very early stages of development and there is a lot more to come, in line with our roadmap. Any contributions and suggestions to the tool will be highly appreciated.

cryptoshark - Self-optimizing cross-platform code tracer based on dynamic recompilation

  •    C++

Self-optimizing cross-platform code tracer based on dynamic recompilation, powered by Frida and Capstone. Works at the machine code level, no source code needed. Tags threads based on which APIs they use, showing you in real-time what functions have been called, allowing you to study them by carefully injecting logging and other side-effecty code. This is the blob of JavaScript that CryptoShark injects into target processes.

extractTVpasswords - tool to extract passwords from TeamViewer memory using Frida

  •    C++

  Hi there, in this article we want to tell about our little research about password security in TeamViewer. The method can help during the pentest time for post exploitation to get access to another machine using TeamViewer.   A few days ago I worked on my windows cloud VPS with TeamViewer (where I set a custom password). After work I disconnected, at the next time when I wanted to connect, I saw that TeamViewer had auto-filled the password.

passionfruit - [WIP] Crappy iOS app analyzer

  •    Javascript

Simple iOS app blackbox assessment tool. Powered by frida.re and vuejs. Please check out Wiki for more information.

ReverseAPK - Quickly analyze and reverse engineer Android packages

  •    Shell

Quickly analyze and reverse engineer Android applications. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.

droidReverse - reverse engineering tools for android(android 逆向工程工具集)

  •    Shell

reverse engineering tools for android(android 逆向工程工具集)

Apktool - A tool for reverse engineering Android apk files

  •    Java

This is the repository for Apktool. If you are looking for the Apktool website. Click here. It is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with app easier because of project-like files structure and automation of some repetitive tasks like building apk, etc.

owasp-mstg - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering

  •    HTML

This is the official GitHub Repository of the OWASP Mobile Security Testing Guide (MSTG). The MSTG is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). You can also read the MSTG on Gitbook or download it as an e-book. The MSTG is not complete yet. You can however get intermediate builds in multiple formats.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.