| | frida | proxychains |
|---|---|---|
| | 14 | 19 |
| Stars | 14,787 | 6,067 |
| Growth | 1.8% | - |
| Activity | 9.2 | 7.0 |
| | 5 days ago | 4 months ago |
| | Meson | C |
| License | GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
frida
-
Reversing an Android app API
Frida, uff this is just AMAZING, yes with uppercase and in bold letters. They also have bindings for different languages that can be found in their GitHub repository. Spoiler alert... the Go binding is pure shit... really couldn't run it. Just use the default that is installed with pip install frida-tools.
-
Using LD_PRELOAD to cheat, inject features and investigate programs
A great framework for doing something along those lines is Frida (https://github.com/frida/frida). Works on a bunch of stuff, including Android and iOS. Some global-ish certificate pinning bypasses work through Frida, by patching HTTP libraries to not raise exceptions, accept system certificates, etc., and just quietly hum along instead. Certificate unpinning in turn enables network MITM with mitmproxy, which makes it a lot quicker and easier to inspect, block, or modify network traffic.
Funnily enough, I've seen much stronger obfuscation from reverse engineering from my cheap Tuya IoT devices app than from my bank app.
-
iOS Application Security And Static Analysis
Install Frida from GitHub: https://github.com/frida/frida
-
Have you ever heard of apk.sh? It makes reverse engineering Android apps easier.
// see: https://github.com/frida/frida/issues/382
-
Firefox Android now supports tampermonkey
If anyone needs a "monkey" not for web pages but for any process on your computer system, may I recommend Frida:
https://frida.re
https://github.com/frida/frida
With Frida, you write JavaScript programs and inject them into arbitrary processes, to hook and modify and call whatever you please.
It gets a lot of use in the reverse engineering and vulnerability research communities, but has broader scope too. For instance, I used it recently to automate the UI of a video production program on Windows, by injecting a thread that sends window messages to the main message loop and hooks into various system dialog functions.
- [Request] Tweak to Decrypt iPAs on Palera1n!
-
apk.sh, make reverse engineering Android apps easier!
```javascript
// Bind the native Android logging function so the script can write to logcat.
var android_log_write = new NativeFunction(
    Module.getExportByName(null, '__android_log_write'),
    'int',
    ['int', 'pointer', 'pointer']
);

var tag = Memory.allocUtf8String("[frida-sript][ax]");

// Write a "ping" line to logcat once per second (priority 3 = DEBUG).
var work = function() {
    setTimeout(function() {
        android_log_write(3, tag, Memory.allocUtf8String("ping @ " + Date.now()));
        work();
    }, 1000);
};
work();

// console.log does not seem to work. see: https://github.com/frida/frida/issues/382
console.log("console.log");
console.error("console.error");
console.warn("WARN");
android_log_write(3, tag, Memory.allocUtf8String(">--(O.o)-<)"));
```
-
How to use Galaxy Watch 4 on "unsupported" Android devices
Go to https://github.com/frida/frida/releases and download the latest frida-server--android-arm64.xz. Extract it and run adb push frida-server--android-arm64 /sdcard/frida-server
- HTTP Toolkit
-
Frida 15 Is Out
It sounds like a kind of black magic:
> ...It’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX.
> ...Frida’s core is written in C and injects QuickJS into the target processes, where your JS gets executed with full access to memory, hooking functions and even calling native functions inside the process.
> There’s a bi-directional communication channel that is used to talk between your app and the JS running inside the target process.
Here's a description of the architecture:
https://frida.re/docs/hacking/
And the source:
https://github.com/frida/frida
---
Apparently using "wxWindows Library Licence, Version 3.1":
> This is essentially the LGPL, with an exception stating that derived works in binary form may be distributed on the user's own terms. This is a solution that satisfies those who wish to produce GPL'ed software using Frida, and also those producing proprietary software.
https://github.com/frida/frida/blob/master/COPYING
proxychains
-
Using LD_PRELOAD to cheat, inject features and investigate programs
Fun fact: proxychains uses LD_PRELOAD [0] to hook the necessary syscalls [1] for setting up a "proxy environment" for the wrapped program, e.g. `connect`, `gethostbyname`, `gethostbyaddr`, etc. Note this also implies that it could be leaky in some cases when applied to a program that uses alternative syscalls to make an external connection.
[0] https://github.com/haad/proxychains/blob/master/src/proxycha...
[1] https://github.com/haad/proxychains/blob/master/src/libproxy...
- IRC question
- Issue with proxychains and SSH tunneling
-
Help with bypassing hospital VPN and wireguard block
You can use ProxyChains in order to use the SOCKS5 proxy with any application, depending on the OS you are using.
-
/etc/proxychains.conf is empty
I assume that https://github.com/haad/proxychains is the project in question. At https://github.com/haad/proxychains/blob/master/src/proxychains.conf you can view the contents of the configuration file and then save it in /etc/proxychains.conf.
-
Proxychains.conf empty???
That is weird. However, missing configs are usually an easy problem to solve - simply find one online and copy it (once you understand it). Here is the one from the proxy chains repo. Lastly, be careful with Kali, it's definitely not suited to beginners (you're doing the right thing running it in a VM at least).
-
TOOL: ntlmrelayx2proxychains
ntlmrelayx2proxychains aims to connect the tool of the SecureAuthCorps' impacket suite, ntlmrelayx.py (hereafter referred to as "ntlmrelayx"), along with @byt3bl33d3r's tool, CrackMapExec (hereafter referred to as "CME"), over proxychains, developed by haad.
- Digital War Against Putin -- Automated Google Reviews with Python
-
Setting network proxy on linux desktop
You can go even further with tools like proxychains that let you chain multiple proxies. This is used while setting up tor and comes pre-installed with pentesting distros like Kali and ParrotOS.
- ProxyChains
What are some alternatives?
objection - 📱 objection - runtime mobile exploration
torsocks - Library to torify application - NOTE: upstream has been moved to https://gitweb.torproject.org/torsocks.git
httptoolkit - HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac :tada: Open an issue here to give feedback or ask for help.
CrackMapExec - A swiss army knife for pentesting networks
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Tor - Tor protects your privacy on the Internet by hiding the connection between your Internet address and the services you use. (This is *not* the official repository.)
Proxyman - Modern. Native. Delightful Web Debugging Proxy for macOS, iOS, and Android ⚡️
nipe - An engine to make Tor network your default gateway
frida-ios-hook - A tool that helps you easy trace classes, functions, and modify the return values of methods on iOS platform
sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
httptoolkit-server - The backend of HTTP Toolkit
impacket - Impacket is a collection of Python classes for working with network protocols.