nowsecure / Frida Trace

Licence: mit
Trace APIs declaratively through Frida.

Programming Languages

javascript

Projects that are alternatives of or similar to Frida Trace

Fridacontainer
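FridaContainer brings together commonly used frida scripts, both popular ones from the web and ones written by the author, to make reverse-engineering work more efficient. Modular frida scripts, Java & Jni Trace.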
Stars: ✭ 190 (+58.33%)
Mutual labels:  frida, trace
Frida Ios Hook
A script that helps you trace classes, functions, and modify the return values of methods on iOS platform
Stars: ✭ 151 (+25.83%)
Mutual labels:  frida, trace
Appmon
Documentation:
Stars: ✭ 1,157 (+864.17%)
Mutual labels:  frida
Corellium Android Unpacking
Android Unpacking Automation using Corellium Devices
Stars: ✭ 107 (-10.83%)
Mutual labels:  frida
Iostrace
alternative strace for iOS device(64bit) on frida
Stars: ✭ 84 (-30%)
Mutual labels:  frida
Dubbo Trace
Demo of distributed system call tracing based on Dubbo
Stars: ✭ 72 (-40%)
Mutual labels:  trace
Jnitrace Engine
Engine used by jnitrace to intercept JNI API calls.
Stars: ✭ 94 (-21.67%)
Mutual labels:  frida
Jaeger Client Ruby
OpenTracing Tracer implementation for Jaeger in Ruby
Stars: ✭ 59 (-50.83%)
Mutual labels:  trace
Applicationinsights Python
Application Insights SDK for Python
Stars: ✭ 114 (-5%)
Mutual labels:  trace
React Lifecycle Visualizer
Real-time visualizer for React lifecycle methods
Stars: ✭ 1,232 (+926.67%)
Mutual labels:  trace
Fridahooker
Because of work I now have little contact with pure app security, so the project is in a stalled state // Android Frida GUI Manager; Android graphical Frida manager
Stars: ✭ 101 (-15.83%)
Mutual labels:  frida
Dbi Stuff
Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis
Stars: ✭ 80 (-33.33%)
Mutual labels:  frida
Rms Runtime Mobile Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+895%)
Mutual labels:  frida
Laravel Tracer
Shows the path of each blade file loaded in a template
Stars: ✭ 96 (-20%)
Mutual labels:  trace
Logbert
Logbert is an advanced log message viewer for log4net, log4j and others.
Stars: ✭ 70 (-41.67%)
Mutual labels:  trace
Ot Node
OriginTrail network node
Stars: ✭ 107 (-10.83%)
Mutual labels:  trace
Traceshark
This is a tool for Linux kernel ftrace and perf events visualization
Stars: ✭ 63 (-47.5%)
Mutual labels:  trace
Go Trace
Implementing a path tracer in Go
Stars: ✭ 77 (-35.83%)
Mutual labels:  trace
Jeb2frida
Automated Frida hook generation with JEB
Stars: ✭ 95 (-20.83%)
Mutual labels:  frida
Airspy
AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training https://www.nowsecure.com/event/advanced-frida-and-radare-a-hackers-delight/
Stars: ✭ 116 (-3.33%)
Mutual labels:  frida

frida-trace

Trace APIs declaratively through Frida.

Example

const trace = require('frida-trace');

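const func = trace.func;
const argIn = trace.argIn;
const argOut = trace.argOut;
const retval = trace.retval;
// when() and bind() are used in the declarations below; assumed to be exported by the same module
const when = trace.when;
const bind = trace.bind;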

const types = trace.types;
const pointer = types.pointer;
const INT = types.INT;
const POINTER = types.POINTER;
const UTF8 = types.UTF8;

trace({
  module: 'libsqlite3.dylib',
  functions: [
    func('sqlite3_open', retval(INT), [
      argIn('filename', UTF8),
      argOut('ppDb', pointer(POINTER), when('result', isZero)),
    ]),
    func('sqlite3_prepare_v2', retval(INT), [
      argIn('db', POINTER),
      argIn('zSql', [UTF8, bind('length', 'nByte')]),
      argIn('nByte', INT),
      argOut('ppStmt', pointer(POINTER), when('result', isZero)),
    ])
  ],
  callbacks: {
    onEvent(event) {
      console.log('onEvent! ' + JSON.stringify(event, null, 2));
    },
    onEnter(event, context) {
      event.trace = Thread.backtrace(context)
        .map(DebugSymbol.fromAddress)
        .filter(x => x.name);
    },
    onError(e) {
      console.error(e);
    }
  }
});

function isZero(value) {
  return value === 0;
}

Auto-generating boilerplate from header files

$ ./bin/parse-header.js /usr/include/sqlite3.h | ./bin/generate-boilerplate.js
trace({
  module: 'libfoo.dylib',
  functions: [
    func('sqlite3_libversion', retval(UTF8), []),
    func('sqlite3_sourceid', retval(UTF8), []),
    func('sqlite3_libversion_number', retval(INT), []),
    func('sqlite3_compileoption_used', retval(INT), [
      argIn('zOptName', UTF8)
    ]),
    func('sqlite3_compileoption_get', retval(UTF8), [
      argIn('N', INT)
    ]),
    func('sqlite3_threadsafe', retval(INT), []),
    func('sqlite3_close', retval(INT), [
      argIn('a1', POINTER)
    ]),
    func('sqlite3_close_v2', retval(INT), [
      argIn('a1', POINTER)
    ]),
    func('sqlite3_exec', retval(INT), [
      argIn('a1', POINTER),
      argIn('sql', UTF8),
      argIn('callback', POINTER),
      argIn('a4', POINTER),
      argOut('errmsg', pointer(POINTER), when('result', isZero))
    ]),
...