From 73e17010e67cba63ffaf1a1ee9a87dac88bc341e Mon Sep 17 00:00:00 2001 From: HackTricks News Bot Date: Wed, 4 Mar 2026 18:52:52 +0000 Subject: [PATCH] =?UTF-8?q?Add=20content=20from:=20Auto=20Frida=20v2.0=20b?= =?UTF-8?q?y=20Omkar=20Mirkute=20=E2=80=94=20Complete=20Android=20Security?= =?UTF-8?q?...?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...-instrumentation-and-ssl-pinning-bypass.md | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/mobile-pentesting/android-app-pentesting/android-anti-instrumentation-and-ssl-pinning-bypass.md b/src/mobile-pentesting/android-app-pentesting/android-anti-instrumentation-and-ssl-pinning-bypass.md index 16214ecfe2d..e6c6c5ae022 100644 --- a/src/mobile-pentesting/android-app-pentesting/android-anti-instrumentation-and-ssl-pinning-bypass.md +++ b/src/mobile-pentesting/android-app-pentesting/android-anti-instrumentation-and-ssl-pinning-bypass.md 
@@ -93,6 +93,27 @@ run com.target.app Tip: Medusa is great for quick wins before writing custom hooks. You can also cherry-pick modules and combine them with your own scripts. +## Automate with Auto-Frida (spawn-mode + consolidated hooks) + +Auto-Frida is a Frida automation toolkit that focuses on repeatable setup plus **auto-detection** of protections and **consolidated bypass script generation**. It is useful when apps run checks very early or when multiple bypass modules would otherwise double-hook the same APIs. + +Key automation ideas: +- **Spawn-mode analysis** to install hooks before `Application.onCreate()` so early SSL pinning, root, emulator, or anti-Frida checks are caught. +- **Protection detection + auto-bypass**: detection results drive the generation of a single consolidated script that hooks each Java method/native symbol once, reducing crashes from overlapping hooks. +- **Frida server lifecycle checks**: validate server health (process + port `27042` + `frida-ps` handshake) before downloading/restarting to keep runs stable. + +Quick start: +```bash +git clone https://github.com/ommirkute/Auto-Frida.git +cd Auto-Frida +pip install -r requirements.txt +python auto_frida.py +``` + +Notes +- Auto-Frida can auto-install `frida`/`frida-tools` if missing and supports multi-device selection. +- Generated scripts can be executed immediately or merged with your custom hooks after analysis. + ## Step 3 — Bypass init-time detectors by attaching late Many detections only run during process spawn/onCreate(). Spawn‑time injection (-f) or gadgets get caught; attaching after UI loads can slip past. 
@@ -392,6 +413,7 @@ Notes - [Apktool install guide](https://apktool.org/docs/install) - [Magisk](https://github.com/topjohnwu/Magisk) - [Medusa (Android Frida framework)](https://github.com/Ch0pin/medusa) +- [Auto-Frida (Android Frida automation toolkit)](https://github.com/ommirkute/Auto-Frida) - [Build a Repeatable Android Bug Bounty Lab: Emulator vs Magisk, Burp, Frida, and Medusa](https://www.yeswehack.com/learn-bug-bounty/android-lab-mobile-hacking-tools) - [phantom-frida (stealth Frida server builder)](https://github.com/TheQmaks/phantom-frida) - [Frida OkHttp4 SSL pinning bypass script](https://github.com/Zero3141/Frida-OkHttp-Bypass)
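Review bot: The quick start in the new "Automate with Auto-Frida" section (first hunk) clones the default branch of a third-party repository and runs `pip install -r requirements.txt` and `python auto_frida.py` straight away, with no pinned tag or commit and no virtual environment. The commit subject refers to v2.0. The added text also says the tool can auto-install `frida`/`frida-tools` and may download or restart the Frida server, so whatever is on the default branch at clone time gets to install packages on the analyst's host. Suggest adding a checkout of a specific tag or commit after the clone, creating a venv before the `pip install`, and noting that this belongs on a dedicated lab host and device. Separately, the section recommends spawn-mode hooking, while the Step 3 context line right below it says "Spawn‑time injection (-f) or gadgets get caught". A sentence on when to prefer each approach would keep the page consistent.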
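Review bot: The reference added in the second hunk links only to the GitHub repository, while the commit subject says the content comes from "Auto Frida v2.0 by Omkar Mirkute". If that source is an article or release post separate from the repo, add it as its own entry next to this one so the section's claims about detection and consolidated script generation can be checked against it.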