A dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Frida is a dynamic binary instrumentation framework. A DBI tool lets the user modify a running process to change its behavior without patching the binary on disk. These types of tools are used in a wide variety of software engineering domains such as performance analysis, reverse engineering, binary patching, and many more. When doing mobile assessments, they allow the pentester to bypass some security checks (like root detection or SSL pinning).
Before Frida, most tools required the user to build a module or a binary that the DBI tool then injected into the target process. This workflow was tedious, and it took a lot of time for a user to create a working module. Also, the difficulty of building a desired patch grew rapidly with the complexity of the change.
Another limitation of most DBI tools is that they work only in limited scenarios or technologies, so you need multiple tools to cover different environments (Android, iOS, Linux, Windows, Mac).
Although Frida is a fantastic tool, there are no in-depth tutorials or workshops that teach beginner users. They have to face the painful path of learning by examples and by reading blog posts with working examples or guessing ways to patch particular cases. That was the main reason I created this workshop.
The workshop explains how to create scripts in Frida to do binary instrumentation in the Java layer on the Android environment. The goal is to learn how to create scripts regardless of the scenario and understand scripts used for other tools.
The content of the workshop includes:
* Creation of scripts to hook methods.
* Creation of scripts to override methods.
* Creation of scripts to hook overloaded methods.
* Creation of scripts to retrieve the stack trace of a method call and log parts of the code.
* Methodology for developing scripts that bypass security restrictions, and reversing of Android APKs in order to find what to hook.
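The four script types listed above share one shape in Frida's Java bridge: select a class with `Java.use`, pick a method (and, when it is overloaded, a specific overload), and replace its `implementation`. The following script is an added example written for this page; it is not code from the workshop repository. The class `com.example.app.Greeter` and its two `greet` overloads are hypothetical stand-ins for whatever app is being assessed, and the stack trace is obtained with the common `android.util.Log.getStackTraceString(new Exception())` idiom. The pure helpers are kept separate from the `Java.perform` block so the logging and override policy can be exercised outside a Frida session.

```javascript
// Added example (not from the workshop repo): a Frida script for the Java layer
// that (1) hooks a method, (2) overrides its return value, (3) selects one
// overload explicitly, and (4) logs the Java stack trace at the call site.
// com.example.app.Greeter with greet(String) and greet(String, int) is a
// hypothetical class standing in for the app under assessment.

// Pure helper: one-line description of a call, reused by every hook below.
function describeCall(className, methodName, args) {
  const rendered = args.map(function (a) { return JSON.stringify(a); }).join(", ");
  return className + "." + methodName + "(" + rendered + ")";
}

// Pure helper: keep only the app's own frames from a Java stack trace string
// (the output of android.util.Log.getStackTraceString), dropping framework
// and runtime frames so the analyst sees which app code reached the method.
function appFrames(traceString, packagePrefix) {
  return traceString
    .split("\n")
    .map(function (l) { return l.trim(); })
    .filter(function (l) { return l.indexOf("at " + packagePrefix) === 0; });
}

// Pure helper: the override policy, isolated so it is testable without Frida.
function overrideGreeting(original, tag) {
  return "[" + tag + "] " + original;
}

// Frida-specific part: the global `Java` is provided by frida-java-bridge
// inside a Frida session, not by Node.js, so it is guarded here.
if (typeof Java !== "undefined") {
  Java.perform(function () {
    const Greeter = Java.use("com.example.app.Greeter"); // hypothetical class
    const Log = Java.use("android.util.Log");
    const Exception = Java.use("java.lang.Exception");

    // Hook + override on greet(String). The overload is named explicitly
    // because a second overload exists; leaving it out makes Frida complain
    // about an ambiguous method.
    Greeter.greet.overload("java.lang.String").implementation = function (name) {
      const original = this.greet(name); // runs the real method first
      console.log("[hook] " + describeCall("com.example.app.Greeter", "greet", [name]) + " -> " + original);
      return overrideGreeting(original, "instrumented"); // changed return value
    };

    // Hook only (original return value kept) on greet(String, int), plus the
    // stack trace of the caller so the code path reaching it can be located.
    Greeter.greet.overload("java.lang.String", "int").implementation = function (name, count) {
      const trace = Log.getStackTraceString(Exception.$new());
      console.log("[hook] " + describeCall("com.example.app.Greeter", "greet", [name, count]));
      appFrames(trace, "com.example.app").forEach(function (f) { console.log("    " + f); });
      return this.greet(name, count);
    };
  });
}
```

Run it against a process with `frida -U -l hook.js -f com.example.app` (the package name is the hypothetical one above); every call to either overload is then printed, the single-argument one with its rewritten return value and the two-argument one with the app frames that led to it.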
The APKs and presentation can be downloaded from: https://github.com/CesarMRodriguez/eko_2021
Here is a list of resources you can check to learn a bit more about Frida: