Security researchers performed a systematic reverse‑engineering study of Amazon Kindle's DRM, revealing the PBKDF2‑based key derivation, extracting the AES‑256 key through static .NET decompilation and dynamic Frida tracing, and demonstrating full decryption of protected e‑books.
This article details a step‑by‑step method to embed Frida scripts directly into Android binaries, creating a root‑free, self‑contained Xposed module by compiling a custom Frida‑gadget, editing ELF/PE files, adding magic markers, and automating packaging with Rust and apktool.
This guide demonstrates how to locate a target .so library’s base address on Android, compute the offset of a native method, and use the ShadowHook framework to hook the function, replacing its implementation with a stub that always returns true, complete with CMake setup and Java loading steps.
This guide walks through using Frida to hook common Android methods, print stack traces, and extract runtime data, providing ready-to-use code snippets for functions like HashMap.put, ArrayList.add, TextUtils.isEmpty, Base64 encoding, and UI event handling.
This tutorial demonstrates how to reverse‑engineer the X‑Product Android app, locate the dynamic newSign parameter, hook the RequestUtils.c method with Frida, and expose it via an RPC‑based FastAPI service to generate valid signed requests for the search API.
This article demonstrates how to employ Frida's RPC forwarding to intercept and bypass encryption in a mobile app, providing step‑by‑step environment setup, hook scripts, and a FastAPI service that enables Python‑based crawling of protected API endpoints.
This tutorial demonstrates how to use Frida to hook Java‑level encryption functions in Android apps, covering preparation utilities, self‑exfiltration of MD5, SHA1, MAC, DES/AES/RSA, and signature algorithms with detailed code snippets and visual examples.
This comprehensive tutorial walks through using Frida to hook Android applications, covering official API references, loading APKs, hooking normal and static methods, modifying parameters and return values, handling constructors, inner and anonymous classes, enumerating loaded classes and methods, dynamic dex loading, selective hooking, and practical examples such as programmatically clicking a login button, all illustrated with clear code snippets and explanations.
This tutorial walks you through setting up a Python virtual environment, installing Frida and frida‑server on a rooted Android device, configuring the server, verifying the connection, and writing JavaScript hooks to intercept login functions, complete with code snippets, command examples, and troubleshooting tips.
This guide walks through configuring and using Frida's server, gadget, and inject tools on Android devices, detailing installation steps, command‑line usage, persistent and non‑persistent hooking methods, and common pitfalls to avoid for effective mobile reverse engineering.
This open‑source C++ mock framework leverages Frida‑gum to replace any function—including static, member, virtual, and library calls—at runtime without source changes, offering simple MOCK and MOCK_RETURN macros, call‑count expectations, automatic scope‑based rollback, and cross‑platform support for reliable, non‑intrusive unit testing.
This article explains the principles behind IL2CPP memory parsing, demonstrates how to use exported Unity functions via Frida to retrieve assemblies, classes, and methods, and shows techniques for identifying protobuf messages and handling version differences and anti‑tamper protections.
This tutorial walks through jailbreaking an iPhone, configuring Cydia and Frida, then using either dumpdecrypted or frida‑ios‑dump to strip the App Store protection shell, rebuild the IPA with a decrypted binary, and extract class headers, while addressing typical connection and compatibility problems.
This guide demonstrates how to use Frida for Android reverse engineering, covering essential commands, stack tracing, and practical hook scripts for common methods such as HashMap.put, Base64.encodeToString, and UI event listeners, enabling developers to locate and analyze encryption logic within apps.
This tutorial demonstrates how to capture and reproduce the dynamic newSign parameter of the X‑Wu Android app by reverse‑engineering the request‑signing method with Frida, exposing it via an RPC server, and then using the generated signature to call the official search API.
This article explains how to employ Frida RPC to intercept and forward encrypted mobile app requests, demonstrates the required environment, provides hook scripts for encryption and decryption, and shows how to wrap them in a FastAPI service for automated crawling.
This tutorial demonstrates how to use Frida to hook Java-level encryption functions on Android, covering MD5, SHA1, MAC, DES/AES/RSA ciphers, and signature algorithms by intercepting update, digest, init, and doFinal methods and logging their inputs and outputs in various formats.
This tutorial walks you through using Frida to hook Android applications, covering API basics, method interception, constructor and field manipulation, overload handling, dynamic class loading, and practical code snippets for both static and instance methods, all while emphasizing safe, educational use.
This tutorial walks you through installing Frida, setting up a Python virtual environment, deploying frida‑server to an Android device, and writing JavaScript hooks to intercept app functions, providing detailed commands, code snippets, and verification steps for effective mobile reverse‑engineering.
This article walks through static analysis and Frida hooking of an Android app’s login flow, dissecting the JsonRequest, RequestUtil, and encryption steps, then reproduces the MD5‑based sign generation and DES‑CBC encryption in JavaScript, providing full code snippets and explanations.
This article provides a comprehensive overview of Android app hardening methods, detailing the evolution from first‑generation dex and so protection to advanced code virtualization, and outlines various unpacking (脱壳) techniques—including memory dump, dynamic debugging, hook‑based and custom ROM approaches—used to bypass these protections.
This article investigates an Android ANR triggered by a while‑true loop in TextView's getOffsetForHorizontal, reproduces the issue on Pixel 2, explains how to extract trace files, compares Android Studio debugging with Frida dynamic hooking, and provides step‑by‑step instructions to reproduce and debug the bug.
