Awesome Frida

A curated list of awesome projects, libraries, and tools powered by Frida.

What is Frida?

Frida is Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps that run on Windows, Mac, Linux, iOS and Android.

Frida is an open source software.

More info here.

Table of Contents

• Libraries
• Projects
• Talks & Papers
• Powered by Frida
• Videos
• Blog posts
• Community

Libraries

• frida-android-hooks - Hook method calls in Android
• FridaAndroidTracer - A runnable jar that generate Javascript hook script to hook Android classes
• frida-panic - Easy crash-reporting for Frida-based applications
• frida-compile - Compile a Frida script comprised of one or more Node.js modules
• frida-trace - Trace APIs declaratively
• frida-screenshot - Grab (iOS) screenshots
• frida-uiwebview - Inspect and manipulate UIWebView-hosted GUIs
• frida-uikit - Inspect and manipulate UIKit-based GUIs
• frida-contrib - Frida utility-belt
• frida-load - Load a Frida script comprised of one or more Node.js modules (Deprecated, use frida-compile)
• frida-remote-stream - Create an outbound stream over a message transport.
• frida-memory-stream - Create a stream from one or more memory regions.
• frida-fs - Create a stream from a filesystem resource.
• frida-push - Automatically adb push the correct frida-server matching your current frida installation.

Projects

• as0ler/frida-scripts - Repository including some useful frida script for iOS Reversing
• 0xdea/frida-scripts - instrumentation scripts to facilitate reverse engineering of android and iOS Apps.
• roxanagogonea/frida-scripts - Repository including some useful frida scripts for Android
• iddoeldor/frida-snippets - another useful frida snippets repository
• IDA Pro plugin - IDA Pro plugin
• poxyran/misc - Misc Frida scripts read-process-memory.py, write-process-memory.py, frida-heap-trace,
• frida-cycript - Fork of cycript with new runtime called Mjølner powered by Frida.
• r2frida - static and dynamic analysis synergy
• ios-inject-custom - use Frida for standalone injection of a custom payload for iOS.
• davuxcom/frida-scripts - Repository including scripts for COM, .NET and WinRT for Windows
• XposedFridaBridge - A frida script implement XposedBridge & load xposed modules, without installing xposed framwork.
• easy-frida - A tool for easily develop frida agent script/module when reversing, including some useful frida scripts.

Talks & Papers

• OSDC 2015: Putting the open back into closed software (PDF · Recording)
• OSDC 2015: The engineering behind the reverse engineering (PDF · Recording)
• NLUUG 2015: Frida: Putting the open back into closed software (Slides · Demos · Recording)
• ZeroNights 2015: Cross-platform reversing with Frida (PDF · Demos)
• r2con 2016 - r2frida (PDF · Recording)
• RMLL 2017 Unlocking secrets of proprietary software (@oleavr) (slides · Recording)

Powered by Frida

• Aurora - Web app built on top of Frida
• CloudSpy - Web app built on top of Frida
• CryptoShark - Self-optimizing cross-platform code tracer based on dynamic recompilation
• diff-gui - Web GUI for instrumenting Android
• LobotomyLobotomy Fork - Android Reverse Engineering Framework & Toolkit
• Appmon - Runtime Security Testing Framework for iOS, Mac OS X and Android Apps
• Fridump - A universal memory dumper using Frida
• frida-extract - Automatically extract and reconstruct a PE file that has been injected using the RunPE method
• r2frida memory search
• r2frida-wiki - Unofficial wiki that provides practical examples on how to use r2frida
• google/ssl_logger - Decrypts and logs a process's SSL traffic.
• google/tcp_killer - Shuts down a TCP connection based using output from a netstat cmd.
• brida - Bridge between Burp Suite and Frida
• objection - Runtime Mobile Exploration for iOS and Android
• passionfruit - iOS App Analyzer with Web UI
• House - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida
• Dwarf - A debugger built on top of PyQt5 and frida
• Dexcalibur - A dynamic binary instrumentation tool designed for Android apps and powered by Frida
• bagbak - Decrypt apps from AppStore on jailbroken devices. Supports decrypting app extensions.
• Runtime Mobile Security (RMS) - A powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
• PAPIMonitor - Python API Monitor for Android apps is a tool, powered by Frida, to monitor user-selected APIs during app execution.

Videos

• Frida vs Spotify - Spotify RE
• CryptoShark - a self-optimizing cross-platform code tracer based on dynamic recompilation, powered by Frida and Capstone
• Frida Memory Hacking - Angry Birds - Frida having fun with Angry Birds running on an iPhone
• Frida Memory Hacking - Windows Live Messenger - Frida having fun with Windows Live Messenger
• Frida Intro @ NowSecure - Frida introduction by Ole
• Lobotomy - Frida Demo - This demo is leveraging the Frida toolkit to instrument a target app's Activity calls.
• Install SSL CA to device via ManagedConfiguration tracing

Blog posts

• Build a debugger in 5 minutes
• Reverse Engineering with Javascript
• iOS 9 Reverse Engineering with Javascript
• iOS Instrumentation without Jailbreak
• Introduction to Fridump - Fridump is an open source memory dumper tool
• Hacking Android apps with Frida part1, part2/crackme, part3
• OWASP iOS crackme tutorial: Solved with Frida
• Detecting Frida poxyran, Bernhard Mueller

Community

• Stack Overflow
• @fridaotre on Twitter
• @oleavr on Twitter
• Reddit
• Frida CodeShare - Share frida snippets and recipes with others.

Contributions

Your contributions are always welcome!

If you want to contribute to this list (please do), send me a pull request or contact me @insitusec

Also, if you notice that a listing should be deprecated or replaced:

• Repository's owner explicitly say that "this library is not maintained".
• Not committed for long time (2~3 years).

More info on the guidelines

Credits

• This awesome list was originally based on Awesome TensorFlow