{"id":13721772,"url":"https://github.com/NorthwaveSecurity/fridax","last_synced_at":"2025-05-07T14:30:42.574Z","repository":{"id":40849344,"uuid":"245381045","full_name":"NorthwaveSecurity/fridax","owner":"NorthwaveSecurity","description":"Fridax enables you to read variables and intercept/hook functions in Xamarin/Mono JIT and AOT compiled iOS/Android applications.","archived":false,"fork":false,"pushed_at":"2023-04-04T09:36:16.000Z","size":1269,"stargazers_count":163,"open_issues_count":9,"forks_count":21,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-14T11:39:39.098Z","etag":null,"topics":["ahead-of-time","android","aot","arguments","frida","functions","intercept","ios","jit","just-in-time","modify","mono","variables","xamarin"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NorthwaveSecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-03-06T09:38:46.000Z","updated_at":"2024-11-05T16:28:17.000Z","dependencies_parsed_at":"2024-01-06T01:06:28.883Z","dependency_job_id":"9aada621-57d8-4155-a6db-1c1304e62d45","html_url":"https://github.com/NorthwaveSecurity/fridax","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NorthwaveSecurity%2Ffridax","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NorthwaveSecurity%2Ffridax/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NorthwaveSecurity%2Ffridax/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NorthwaveSecurity%2Ffridax/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NorthwaveSecurity","download_url":"https://codeload.github.com/NorthwaveSecurity/fridax/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252895472,"owners_count":21821167,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ahead-of-time","android","aot","arguments","frida","functions","intercept","ios","jit","just-in-time","modify","mono","variables","xamarin"],"created_at":"2024-08-03T01:01:21.179Z","updated_at":"2025-05-07T14:30:42.104Z","avatar_url":"https://github.com/NorthwaveSecurity.png","language":"JavaScript","funding_links":[],"categories":["Tools","Инструменты анализа","JavaScript","Dynamic Analysis"],"sub_categories":["Dynamic Analysis Tools"],"readme":"\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://raw.githubusercontent.com/NorthwaveNL/fridax/master/.github/logo_visual.svg?sanitize=true\" width=\"475\" /\u003e\n    \u003cbr/\u003e\n    \u003cb\u003eFridax is a Node package for dealing with \u003ca href=\"https://dotnet.microsoft.com/apps/xamarin\"\u003eXamarin\u003c/a\u003e applications while using the \u003ca href=\"https://frida.re/docs/javascript-api/\"\u003eFrida API\u003c/a\u003e.\u003c/b\u003e\n    \u003cbr/\u003e\n    \u003ca href=\"#goal\"\u003eGoal\u003c/a\u003e\n    •\n    \u003ca href=\"#installation\"\u003eInstallation\u003c/a\u003e\n    •\n    \u003ca href=\"#usage\"\u003eUsage\u003c/a\u003e\n    •\n    \u003ca href=\"#examples\"\u003eExamples\u003c/a\u003e\n    •\n    \u003ca href=\"#issues\"\u003eIssues\u003c/a\u003e\n    •\n    \u003ca href=\"#license\"\u003eLicense\u003c/a\u003e\n    \u003cbr/\u003e\n    \u003csub\u003eBuilt with ❤ by the \u003ca href=\"https://twitter.com/NorthwaveLabs\"\u003eNorthwave\u003c/a\u003e Red Team\u003c/sub\u003e\n    \u003cbr/\u003e\n\u003c/p\u003e\n\u003chr\u003e\n\n## Goal\n\nIn the Northwave Red Team we conduct security penetration tests on, among other things, mobile applications. During almost every mobile application penetration test we want to modify the behaviour of the application in such a way that it bypasses certain checks (e.g. a PIN code check).\n\nFrida is a toolkit that allows us to do exactly that. It is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Using Frida you can, for example, inject and modify code of iOS and Android applications on runtime. However, if the application that is being pentested is a Xamarin application, it becomes more difficult to modify code on runtime, since Xamarin applications are basically wrappers that run a .NET binary.\n\n**Fridax to the rescue!** Fridax allows you to easily modify the .NET binary inside a Xamarin application on runtime. We've included some example scripts that e.g. modify constructor and function arguments.\n\nHappy hacking!\n\n## Installation\n\nClone this Git repository.\n\n```bash\ngit clone git@github.com:NorthwaveNL/fridax.git\n```\n\nUse the package manager [npm](https://www.npmjs.com/) to install the dependencies for Fridax.\n\n```bash\ncd fridax\nnpm install\n```\n\n## Usage\n\nPlease check the [known issues](#issues) before your start.\n\n1. Connect your device (make sure it can be listed).\n    - `frida-ls-devices`\n2. Copy an example script to the scripts folder.\n    - `cp examples/modify_class_function_argument.js scripts/modify_class_function_argument.js`\n3. Adjust some of the config variables in the script (that you copied) to your needs.\n    - Update `settingClassName`, `settingMethodName` and `settingMethodArgCount`\n4. Start the application on your device and run your script!\n    - `./fridax.js inject --scripts scripts/modify_class_function_argument.js`\n\n**All options**\n\n```bash\n./fridax.js \u003ccommand\u003e\n\nCommands:\n  ./fridax.js inject [scripts]  Inject the given scripts list.\n\nOptions:\n  --version   Show version number                                                           [boolean]\n  -h, --help  Show help                                                                     [boolean]\n  --device    The address of the remote Frida device to connect to (or the string \"usb\")    [default: \"usb\"]\n\nExamples:\n  ./fridax.js inject --scripts scripts/modify_function_argument.js scripts/intercept_password.js scripts/sql_injection.js\n```\n\n## Examples\n\nExample scripts can be found in `./examples`. Place an example script in the `./scripts` folder to try it out. Using the example scripts, all of the variables/functions in the example class below can be read/intercepted.\n\n```csharp\nnamespace CompanyName.ProjectName {\n\n    class Settings {\n\n        // Static int can be read\n        public static readonly int secret1 = 1234;\n\n        // Static bool can be read\n        public static readonly bool secret2 = false;\n\n        // Static object can be read\n        public static readonly ObfuscatedString secret3 = ObfuscatedString(\"yGVhqI5yzbgYUnCP+ZukDw==\");\n\n        // Static string can be read\n        public static readonly string secret4 = \"SecretValue\";\n\n        // Constructor can be intercepted and arguments can be modified\n        Settings(string a, string b, string c) {\n\n        }\n\n        // Function can be intercepted and argument can be modified\n        GetElement(string id) {\n\n        }\n\n    }\n\n}\n```\nFor example, to read the `public static readonly bool secret2` you can run the command below after copying `./examples/read_static_bool_from_class.js` to `./scripts/read_static_bool_from_class.js`. You also need to edit the `Company.ProjectName.Settings` class name and `secret2` variable name in that file to your needs. You can find out which names you need by using [dnSpy](https://github.com/0xd4d/dnSpy) on the Mono binary in the IPA/APK.\n\n```bash\n./fridax.js inject --scripts scripts/read_static_bool_from_class.js\n```\n    \n## Issues\n\nIssues or new features can be reported via the [GitHub issue tracker](https://github.com/NorthwaveNL/fridax/issues). Please make sure your issue or feature has not yet been reported by anyone else before submitting a new one.\n\n**Known issues**\n\n* Xamarin app needs to be running before you start this script (see [this issue](https://github.com/freehuntx/frida-mono-api/issues/4) for more information).\n* You get the error `Export not found: mono_aot_get_method`. This is due to your application being JIT-compiled. Please use the example scripts that are prefixed with `jit_` instead of `aot_` (AOT-compiled). See [issue #3](https://github.com/NorthwaveNL/fridax/issues/3) for more information.\n\n## License\n\nFridax is open-sourced software licensed under the [MIT license](https://github.com/NorthwaveNL/fridax/blob/develop/LICENSE.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FNorthwaveSecurity%2Ffridax","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FNorthwaveSecurity%2Ffridax","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FNorthwaveSecurity%2Ffridax/lists"}