frida
ffupdater
frida | ffupdater | |
---|---|---|
14 | 70 | |
14,787 | 588 | |
1.8% | - | |
9.2 | 9.7 | |
6 days ago | 29 days ago | |
Meson | Kotlin | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
frida
-
Reversing an Android app API
Frida, uff this is just AMAZING, yes with uppercase and in bold letters. They also has bindings on different languages that can be found in their github repository. Spoiler alert...the Go binding it's pure shit...really couldn't run it. Use just the default that it's installed with pip install frida-tools.
-
Using LD_PRELOAD to cheat, inject features and investigate programs
A great framework for doing something along those lines is Frida (https://github.com/frida/frida). Works on a bunch of stuff, including Android and iOS. Some global-ish certificate pinning bypasses work through Frida, by patching http libraries to not raise exceptions, accept system certificates, etc and just quietly hum along instead. Certificate unpinning in turn enables network MITM with mitmproxy, which makes it a lot quicker and easier to inspect, block, or modify network traffic.
Funnily enough, I've seen much stronger obfuscation from reverse engineering from my cheap Tuya IoT devices app than from my bank app.
-
iOS Application Security And Static Analysis
Install Frida from Github :- https://github.com/frida/frida
-
Have you ever heard of apk.sh? It makes reverse engineering Android apps easier.
// see: https://github.com/frida/frida/issues/382
-
Firefox Android now supports tampermonkey
If anyone needs a "monkey" not for web pages but for any process on your computer system, may I recommend Frida:
https://frida.re
https://github.com/frida/frida
With Frida, you write JavaScript programs and inject them into arbitrary processes, to hook and modify and call whatever you please.
It gets a lot of use in the reverse engineering and vulnerability research communities, but has broader scope too. For instance, I used it recently to automate the UI of a video production program on Windows, by injecting a thread that sends window messages to the main message loop and hooks into various system dialog functions.
- [Request] Tweak to Decrypt iPAs on Palera1n!
-
apk.sh, make reverse engineering Android apps easier!
var android_log_write = new NativeFunction( Module.getExportByName(null, '__android_log_write'), 'int', ['int', 'pointer', 'pointer'] ); var tag = Memory.allocUtf8String("[frida-sript][ax]"); var work = function() { setTimeout(function() { android_log_write(3, tag, Memory.allocUtf8String("ping @ " + Date.now())); work(); }, 1000); } work(); // console.log does not seems to work. see: https://github.com/frida/frida/issues/382 console.log("console.log"); console.error("console.error"); console.warn("WARN"); android_log_write(3, tag, Memory.allocUtf8String(">--(O.o)-<)");
-
How to use Galaxy Watch 4 on "unsupported" Android devices
Go to https://github.com/frida/frida/releases and download the latest frida-server--android-arm64.xz. Extract it and run adb push frida-server--android-arm64 /sdcard/frida-server
- HTTP Toolkit
-
Frida 15 Is Out
It sounds like a kind of black magic:
> ...It’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX.
> ...Frida’s core is written in C and injects QuickJS into the target processes, where your JS gets executed with full access to memory, hooking functions and even calling native functions inside the process.
> There’s a bi-directional communication channel that is used to talk between your app and the JS running inside the target process.
Here's a description of the architecture:
https://frida.re/docs/hacking/
And the source:
https://github.com/frida/frida
---
Apparently using "wxWindows Library Licence, Version 3.1":
> This is essentially the LGPL, with an exception stating that derived works in binary form may be distributed on the user's own terms. This is a solution that satisfies those who wish to produce GPL'ed software using Frida, and also those producing proprietary software.
https://github.com/frida/frida/blob/master/COPYING
ffupdater
- Google Fit APIs get shut down in 2025, might break fitness devices
-
⟳ 4 apps added, 72 updated at f-droid.org
FFUpdater (version 78.3.0): Updater for privacy friendly browsers
-
Firefox desktop extensions coming soon for the upcoming Android release
I've never tried Kiwi Browser but had similarly come across it while searching. The dev interestingly refers to them ads[1] (2022), though prior to being accepted properly into Bing's referral program Kiwi redirected all search queries through their own servers[2][3] (2021) (the original Kiwi repo's issues tab has been deleted since).
Tbf dev always sounds reasonable in their responses but was a little off-putting initially so I kinda understand the GP's post.
[1] https://github.com/kiwibrowser/src.next/issues/91#issuecomme...
[2] https://github.com/Tobi823/ffupdater/issues/35
[3] https://web.archive.org/web/20210605191305/https://github.co...
- Alphabet Announces Second Quarter 2023 Results [pdf]
-
RES extension on mobile browser?
For "Chrome", you can use Kiwi Browser or Yandex Browser. Both are a bit controversial: https://github.com/Tobi823/ffupdater/issues/35 and the other one is Yandex Browser. But both support add-ons. You can use mobile Beta/Nightly Firefox/Fennec instead with custom addon collection like in this example: https://github.com/octonezd/oldlander#firefox
-
Why Firefox forks aren't on play store when there are so many of Chromium?
But there is FFUpdater which includes IceRaven.
-
[Android Apps] Le navigateur Kiwi est un logiciel espion.
Plus à ce sujet
-
Good WebKit Browser with privacy protections
on Android I saw Privacy Browser in FFUpdater
-
New browser
Actually there was a conflict between Fulguris and Styx. But It resolved nicely between two devs. The dev of Styx deleted the repo. After migrating to Fulguris base, Styx reappeared again. Probably that's why IzzyOnDroid showing this anti-feature.
-
I have to say....
Updating apps is a pita for me: Firefox has its own updater app: https://f-droid.org/en/packages/de.marmaro.krt.ffupdater
What are some alternatives?
objection - 📱 objection - runtime mobile exploration
AuroraStore
httptoolkit - HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac :tada: Open an issue here to give feedback or ask for help.
bromite - Bromite is a Chromium fork with ad blocking and privacy enhancements; take back your browser!
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
iceraven-browser - Iceraven Browser
Proxyman - Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️
Fenix - ⚠️ Fenix (Firefox for Android) moved to a new repository. It is now developed and maintained as part of: https://github.com/mozilla-mobile/firefox-android
frida-ios-hook - A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
aniyomi - An app for manga and anime
httptoolkit-server - The backend of HTTP Toolkit
brave-core - Core engine for the Brave browser for mobile and desktop. For issues https://github.com/brave/brave-browser/issues