{"id":15220432,"url":"https://github.com/huan/sidecar","last_synced_at":"2025-09-24T22:30:55.245Z","repository":{"id":39414681,"uuid":"376348416","full_name":"huan/sidecar","owner":"huan","description":"Easily hook/call binary functions using ES6 class with TypeScript annotation (Powered by Frida)","archived":false,"fork":false,"pushed_at":"2022-07-13T08:57:21.000Z","size":947,"stargazers_count":47,"open_issues_count":16,"forks_count":7,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-01-10T08:44:40.423Z","etag":null,"topics":["assembly","frida","hook","reverse-engineering"],"latest_commit_sha":null,"homepage":"https://npmjs.com/package/sidecar","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/huan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-12T17:29:11.000Z","updated_at":"2024-09-12T00:13:53.000Z","dependencies_parsed_at":"2022-09-08T00:40:53.616Z","dependency_job_id":null,"html_url":"https://github.com/huan/sidecar","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huan%2Fsidecar","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huan%2Fsidecar/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huan%2Fsidecar/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/huan%2Fsidecar/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/huan","download_url":"https://codeload.github.com/huan/sidecar/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234131268,"owners_count":18784414,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembly","frida","hook","reverse-engineering"],"created_at":"2024-09-28T13:09:17.522Z","updated_at":"2025-09-24T22:30:49.919Z","avatar_url":"https://github.com/huan.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sidecar\n\n[![NPM](https://github.com/huan/sidecar/actions/workflows/npm.yml/badge.svg)](https://github.com/huan/sidecar/actions/workflows/npm.yml)\n[![NPM Version](https://img.shields.io/npm/v/sidecar?color=brightgreen)](https://www.npmjs.com/package/sidecar)\n[![npm (tag)](https://img.shields.io/npm/v/sidecar/next.svg)](https://www.npmjs.com/package/wechaty-puppet-whatsapp?activeTab=versions)\n[![Powered by Frida](https://img.shields.io/badge/Powered%20By-Frida-red.svg)](https://github.com/https://github.com/frida/frida)\n\nSidecar is a runtime hooking tool for intercepting function calls by TypeScript annotation with ease, powered by [Frida.RE](https://frida.re/).\n\n![Frida Sidecar](docs/images/sidecar.webp)\n\n\u003e Image source: [1920s Raleigh Box Sidecar Outfit](https://oldbike.wordpress.com/1920s-raleigh-box-sidecar-outfit/) \u0026 [ShellterProject](https://www.shellterproject.com/)\n\n## What is a \"Sidecar\" Pattern?\n\n\u003e Segregating the functionalities of an application into a separate process can be viewed as a Sidecar pattern. The Sidecar design pattern allows you to add a number of capabilities to your application without the need of additional configuration code for 3rd party components.\n\u003e\n\u003e As a sidecar is attached to a motorcycle, similarly in software architecture a sidecar is attached to a parent application and extends/enhances its functionalities. A Sidecar is loosely coupled with the main application.\n\u003e\n\u003e \u0026mdash; SOURCE: [Sidecar Design Pattern in your Microservices Ecosystem, Samir Behara, July 23, 2018](https://samirbehara.com/2018/07/23/sidecar-design-pattern-in-your-microservices-ecosystem/)\n\n## What is a \"Hooking\" Patern?\n\n\u003e Hook: by intercepting function calls or messages or events passed between software components.\n\u003e \u0026mdash; SOURCE: [Hooking, Wikipedia](https://en.wikipedia.org/wiki/Hooking)\n\n## Features\n\n1. Easy to use by TypeScript decorators/annotations\n    1. `@Call(memoryAddress)` for make a API for calling memory address from the binary\n    1. `@Hook(memoryAddress)` for emit arguments when a memory address is being called\n1. Portable on Windows, macOS, GNU/Linux, iOS, Android, and QNX, as well as X86, Arm, Thumb, Arm64, AArch64, and Mips.\n1. Powered by Frida.RE and can be easily extended by any agent script.\n\n## Requirements\n\n1. Mac: disable [System Integrity Protection](https://support.apple.com/en-us/HT204899)\n\n## Introduction\n\nWhen you are running an application on the\nLinux, Mac, Windows, iPhone, or Android,\nyou might want to make it programmatic,\nso that your can control it automatically.\n\nThe SDK and API are designed for achieving this, if there are any.\nHowever, most of the application have very limited functionalities\nfor providing a SDK or API to the developers,\nor they have neither SDK nor API at all,\nwhat we have is only the binary executable application.\n\nHow can we make a binary executable application to be able to called\nfrom our program? If we can call the function in the application process\ndirectly, then we will be able to make the application as our SDK/API,\nthen we can make API call to control the application,\nor hook function inside the application to get to know what happened.\n\nI have the above question and I want to find an universal way to solve it: Frida is for rescue. [Frida](https://frida.re/) is a dynamic instrumentation toolkit for developers and reverse-engineers, which can help us easily call the internal function from a process,\nor hook any internal function inside the process. And it has a nice Node.js binding and TypeScript support, which is nice to me because I love TypeScript much.\n\nThat's why I start build this project: **Sidecar**.\nSidecar is a runtime hooking tool\nfor intercepting function calls\nby decorate a TypeScript class with annotation.\n\nHere's an example code example for demostration that how easy\nit can help you to hook a exiting application.\n\n### Talk is cheap, show me the code\n\n```ts\n@Sidecar('chatbox')\nclass ChatboxSidecar extends SidecarBody {\n\n  @Call(0x11c9)\n  @RetType('void')\n  mo (\n    @ParamType('pointer', 'Utf8String') content: string,\n  ): Promise\u003cstring\u003e { return Ret(content) }\n\n  @Hook(0x11f4)\n  mt (\n    @ParamType('pointer', 'Utf8String') content: string,\n  ) { return Ret(content) }\n\n}\n\nasync function main () {\n  const sidecar = new ChatboxSidecar()\n  await attach(sidecar)\n\n  sidecar.on('hook', ({ method, args }) =\u003e {\n    console.log('method:', method)\n    console.log('args:', args)\n    sidecar.mo('Hello from Sidecar'),\n  })\n\n  process.on('SIGINT',  () =\u003e detach(sidecar))\n  process.on('SIGTERM', () =\u003e detach(sidecar))\n}\n\nmain().catch(console.error)\n```\n\nLearn more from the sidecar example: \u003chttps://github.com/huan/sidecar/blob/main/examples\u003e\n\n## To-do list\n\n- [x] `Intercepter.attach()` a `NativeCallback()` ~~ptr not work in Sidecar generated script. (it is possible by direct using the frida cli)~~ worked! ([#9](https://github.com/huan/sidecar/issues/9))\n- [x] Add typing.d.ts for Sidecar Agent pre-defined variables \u0026 functions\n- [ ] Add `@Name()` support for specify parameter names in `@Hook()`-ed method args.\n- [ ] Calculate `Memory.alloc()` in sidecar agent scripts automatically.\n\n## Explanation\n\n### 1. Sidecar Steps\n\nWhen we are running a Sidecar Class, the following steps will happend:\n\n1. From the sidecar class file, decorators save all configs to the class metadata.\n    1. `@Sidecar()`: \u003csrc/decorators/sidecar/sidecar.ts\u003e, \u003csrc/decorators/sidecar/build-sidecar-metadata.ts\u003e\n    1. `@Call()`: \u003csrc/decorators/call/call.ts\u003e\n    1. `@ParamType()`: \u003csrc/decorators/param-type/param-type.ts\u003e\n    1. `@RetType()`: \u003csrc/decorators/ret-type/ret-type.ts\u003e\n    1. `@Hook()`, `@Name`, etc.\n1. `SidecarBody`(\u003csrc/sidecar-body/sidecar-body.ts\u003e) base class will generate `agentSource`:\n    1. `getMetadataSidecar()`(\u003csrc/decorators/sidecar/metadata-sidecar.ts\u003e) for get the sidecar metadata from the class\n    1. `buildAgentSource()`(\u003csrc/agent/build-agent-source.ts\u003e) for generate the agent source code for the whole sidecar system.\n1. Call the `attach()` method to attach the sidecar to the target\n1. Call the `detach()` method to detach the sidecar to the target\n\n## References\n\n### 1. `@Sidecar(sidecarTarget, initAgentScript)`\n\n1. `sidecarTarget`    : `SidecarTarget`,\n1. `initAgentScript`? : `string`,\n\nThe class decorator.\n\n`sidecarTarget` is the executable binary name,\nand the `initAgentScript` is a Frida agent script\nthat help you to do whatever you want to do\nwith Frida system.\n\nExample:\n\n```ts\nimport { Sidecar } from 'sidecar'\n@Sidecar('chatbox')\nclass ChatboxSidecar {}\n```\n\nIt is possible to load a init agent script, for example:\n\n```ts\nconst initAgentScript = 'console.log(\"this will be runned when the sidecar class initiating\")'\n@Sidecar(\n  'chatbox', \n  initAgentScript,\n)\n```\n\n`sidecarTarget` supports `Spawn` mode, by specifing the `sidecarTarget` as a `array`:\n\n```ts\n@Sidecar([\n  '/bin/sleep', // command\n  [10],         // args\n])\n```\n\nTo learn more about the power of `initAgentScript`, see also this great repo with lots of examples: [Hand-crafted Frida examples](https://github.com/iddoeldor/frida-snippets)\n\n### 2. `class SidecarBody`\n\nBase class for the `Sidecar` class. All `Sidecar` class need to `extends` from the `SidecarBody`, or the system will throw an error.\n\nExample:\n\n```ts\nimport { SidecarBody } from 'sidecar'\nclass ChatboxSidecar extends SidecarBody {}\n```\n\n### 3. `@Call(functionTarget)`\n\n1. `functionTarget`: `FunctionTarget`\n\nThe native call method decorator.\n\n`functionTarget` is the address (in `number` type) of the function which we need to call in the executable binary.\n\nExample:\n\n```ts\nimport { Call } from 'sidecar'\nclass ChatboxSidecar {\n  @Call(0x11c9) mo () {}\n}\n```\n\nIf the `functionTarget` is not the type of `number`, then it can be `string` or an `FunctionTarget` object. See `FunctionTarget` section to learn more about the advanced usage of `FunctionTarget`.\n\n### 4. `@Hook(functionTarget)`\n\n1. `functionTarget`: `FunctionTarget`\n\nThe hook method decorator.\n\n`functionTarget` is the address (in `number` type) of the function which we need to hook in the executable binary.\n\nExample:\n\n```ts\nimport { Hook } from 'sidecar'\nclass ChatboxSidecar {\n  @Hook(0x11f4) mt () {}\n}\n```\n\nIf the `functionTarget` is not the type of `number`, then it can be `string` or an `FunctionTarget` object. See `FunctionTarget` section to learn more about the advanced usage of `FunctionTarget`.\n\n### 5. `@RetType(nativeType, ...pointerTypeList)`\n\n1. `nativeType`      : `NativeType`\n1. `pointerTypeList` : `PointerType[]`\n\n```ts\nimport { RetType } from 'sidecar'\nclass ChatboxSidecar {\n  @RetType('void') mo () {}\n```\n\n### 6. `@ParamType(nativeType, ...pointerTypeList)`\n\n1. `nativeType`      : `NativeType`\n1. `pointerTypeList` : `PointerType[]`\n\n```ts\nimport { ParamType } from 'sidecar'\nclass ChatboxSidecar {\n  mo (\n    @ParamType('pointer', 'Utf8String') content: string,\n  ) {}\n```\n\n### 7. `Name(parameterName)`\n\nTODO: to be implemented.\n\n1. `parameterName`: `string`\n\nThe parameter name.\n\nThis is especially useful for `Hook` methods.\nThe `hook` event will be emit with the method name and the arguments array.\nIf the `Name(parameterName)` has been set,\nthen the event will have additional information for the parameter names.\n\n```ts\nimport { Name } from 'sidecar'\nclass ChatboxSidecar {\n  mo (\n    @Name('content') content: string,\n  ) {}\n```\n\n### 8. `Ret(...args)`\n\n1. `args`: `any[]`\n\nExample:\n\n```ts\nimport { Ret } from 'sidecar'\nclass ChatboxSidecar {\n  mo () { return Ret() }\n```\n\n### 9. `FunctionTarget`\n\nThe `FunctionTarget` is where `@Call` or `@Hook` to be located. It can be created by the following factory helper functions:\n\n1. `addressTarget(address: number, module?: string)`: memory address. i.e. `0x369adf`. Can specify a second `module` to call `address` in a specified module\n1. `agentTarget(funcName: string)`: the JavaScript function name in `initAgentScript` to be used\n1. `exportTarget(exportName: string, exportModule?: string)`: export name of a function. Can specify a second `moduleName` to load `exportName` from it.\n1. `objcTarget`: to be added\n1. `javaTarget`: to be added\n\nFor convenice, the `number` and `string` can be used as `FunctionTarget` as an alias of `addressTarget()` and `agentTarget()`. When we are defining the `@Call(target)` and `@Hook(target)`:\n\n1. if the target type is `number`, then it will be converted to `addressTarget(target)`\n1. if the target type is `string`, then it will be converted to `agentTarget(target)`\n\nExample:\n\n```ts\nimport { \n  Call,\n  addressTarget,\n} from 'sidecar'\nclass ChatboxSidecar {\n  @Call(\n    addressTarget(0x11c9)\n  )\n  mo () {}\n}\n```\n\n#### 9.1 `agentTarget(funcName: string)`\n\n`agentTarget` let you specify a `funcName` in the `initAgentScript` source code, and will use it directly for advanced users.\n\nThere's two type of the `AgentTarget` usage: `@Call` and `@Hook`.\n\n1. `AgentTarget` with `@Call`: the `funcName` should be a JavaScript function instance in the `initAgentScript`. The decorated method call that function.\n1. `AgentTarget` with `@Hook`: the `funcName` should be a `NativeCallback` instance in the `initAgentScript`. The decorated method hook that callback.\n\nNotes:\n\n1. The `NativeFunction` passed to `@Call` must pay attention to\n  the **Garbage Collection** of the JavaScript inside Frida.\n  You have to hold a reference to all the memory you alloced by yourself,\n  for example, store them in a `Object` like `const refHolder = { buf }`,\n  then make sure the `refHolder` will be hold\n  unless you can `free` the memory that you have alloced before. (See also: [Frida Best Practices](https://frida.re/docs/best-practices/))\n1. the `NativeCallback` passed to `@Hook` is recommended to be a empty function,\n  like `() =\u003e {}` because it will be replaced by Sidecar/Frida.\n  So you should not put any code inside it,\n\n## Debug utility: `sidecar-dump`\n\nSidecar provide a utility named `sidecar-dump` for viewing the metadata of the sidecar class, or debuging the frida agent init source code.\n\nYou can run this util by the following command:\n\n```sh\n$ npx sidecar-dump --help\nsidecar-dump \u003csubcommand\u003e\n\u003e Sidecar utility for dumping metadata/source for a sidecar class\n\nwhere \u003csubcommand\u003e can be one of:\n\n- metadata - Dump sidecar metadata\n- source - Dump sidecar agent source\n\nFor more help, try running `sidecar-dump \u003csubcommand\u003e --help`\n```\n\n`sidecar-dump` support two sub commands:\n\n1. `metadata`: dump the metadata for a sidecar class\n1. `source`: dump the generated frida agent source code for a sidecar class\n\n### 1. `sidecar-dump metadata`\n\nSidecar is using decorators heavily, for example, we are using `@Call()` for specifying the process target, `@ParamType()` for specifying the parameter data type, etc.\n\nInternally, sidecar organize all the decorated information as metadata and save them into the class.\n\nthe `sidecar-dump metadata` command is to viewing this metadata information, so that we can review and debug them.\n\nFor example, the following is the metadata showed by sidecar-dump for our `ChatboxSidecar` class from [examples/chatbox-sidecar.ts](examples/chatbox-sidecar.ts).\n\n```sh\n$ sidecar-dump metadata examples/chatbox-sidecar.ts\n{\n  \"initAgentScript\": \"console.log('inited...')\",\n  \"interceptorList\": [\n    {\n      \"agent\": {\n        \"name\": \"mt\",\n        \"paramTypeList\": [\n          [\n            \"pointer\",\n            \"Utf8String\"\n          ]\n        ],\n        \"target\": \"agentMt_PatchCode\",\n        \"type\": \"agent\"\n      }\n    }\n  ],\n  \"nativeFunctionList\": [\n    {\n      \"agent\": {\n        \"name\": \"mo\",\n        \"paramTypeList\": [\n          [\n            \"pointer\",\n            \"Utf8String\"\n          ],\n          [\n            \"pointer\",\n            \"Utf8String\"\n          ]\n        ],\n        \"retType\": [\n          \"void\"\n        ],\n        \"target\": \"agentMo\",\n        \"type\": \"agent\"\n      }\n    }\n  ],\n  \"sidecarTarget\": \"/tmp/t/examples/chatbox/chatbox-linux\"\n}\n```\n\n### 2. `sidecar-dump source`\n\nSidecar is using Frida to connect to the program process and make communication with it.\n\nIn order to make the connection, sidecar will generate a frida agent source code, and using this agent as the bridge between the sidecar, frida, and the target program process.\n\nthe `sidecar-dump source` command is to viewing this frida agent source, so that we can review and debug them.\n\nFor example, the following is the source code showed by sidecar-dump for our `ChatboxSidecar` class from [examples/chatbox-sidecar.ts](examples/chatbox-sidecar.ts).\n\n```ts\n$ sidecar-dump source  examples/chatbox-sidecar.ts\n...\nconst __sidecar__mo_Function_wrapper = (() =\u003e {\n  const nativeFunctionAddress =\n    __sidecar__moduleBaseAddress\n    .add(0x11e9)\n\n  const nativeFunction = new NativeFunction(\n    nativeFunctionAddress,\n    'int',\n    ['pointer'],\n  )\n\n  return function (...args) {\n    log.verbose(\n      'SidecarAgent',\n      'mo(%s)',\n      args.join(', '),\n    )\n\n    // pointer type for arg[0] -\u003e Utf8String\n    const mo_NativeArg_0 = Memory.alloc(1024 /*Process.pointerSize*/)\n    mo_NativeArg_0.writeUtf8String(args[0])\n\n    const ret = nativeFunction(...[mo_NativeArg_0])\n    return Number(ret)\n  }\n})()\n\n;(() =\u003e {\n  const interceptorTarget =\n    __sidecar__moduleBaseAddress\n    .add(0x121f)\n\n  Interceptor.attach(\n    interceptorTarget,\n    {\n      onEnter: args =\u003e {\n        log.verbose(\n          'SidecarAgent',\n          'Interceptor.attach(0x%s) onEnter()',\n          Number(0x121f).toString(16),\n        )\n\n        send(__sidecar__payloadHook(\n          'mt',\n          [ args[0].readUtf8String() ]\n        ), null)\n\n      },\n    }\n  )\n})()\n\nrpc.exports = {\n  mo: __sidecar__mo_Function_wrapper,\n}\n```\n\nYou can dump the sidecar agent source code to a javascript file, then using it with frida directly for debugging \u0026 testing.\n\n```sh\n$ sidecar-dump source chatbox-sidecar.ts \u003e agent.js\n$ frida chatbox -l agent.js\n     ____\n    / _  |   Frida 14.2.18 - A world-class dynamic instrumentation toolkit\n   | (_| |\n    \u003e _  |   Commands:\n   /_/ |_|       help      -\u003e Displays the help system\n   . . . .       object?   -\u003e Display information about 'object'\n   . . . .       exit/quit -\u003e Exit\n   . . . .\n   . . . .   More info at https://frida.re/docs/home/\n                                                                                \n[Local::chatbox]-\u003e rpc.exports.mo('hello from frida cli')\n```\n\n## Resources\n\n### RPA Examples\n\n1. [Quake REST API demo](https://gist.github.com/oleavr/51066491b6961b608fb38fb1fb971dd3)\n\n### Papers\n\n1. [Assembly to Open Source Code Matching for Reverse Engineering and Malware Analysis](https://pdfs.semanticscholar.org/00d8/9af14d1632499636917613a27edac5cf5005.pdf)\n\n### Dll\n\n1. [Wikipedia: DLL injection](https://en.wikipedia.org/wiki/DLL_injection)\n1. [Code Tutorial: InjectDLL](http://www.quantumg.net/injectdll.php)\n\n### Frida\n\n1. TypeScript - [Frida环境搭建 - windows (给IDE提供智能感知/提示)](https://bbs.pediy.com/thread-254086.htm)\n1. TypeScript - [Example - Frida agent written in TypeScript](https://github.com/oleavr/frida-agent-example)\n1. Talk Video - [Prototyping And Reverse Engineering With Frida by Jay Harris](https://www.youtube.com/watch?v=cLUl_jK59EM)\n1. Talk Video - [r2con 2017 - Intro to Frida and Dynamic Machine Code Transformations by Ole Andre](https://www.youtube.com/watch?v=sBcLPLtqGYU)\n1. [Hand-crafted Frida examples](https://github.com/iddoeldor/frida-snippets)\n1. Slide - [基于 FRIDA 的全平台逆向分析 - caisi.zz@alipay.com](https://www.slideshare.net/ssusercf6665/frida-107244825) ([GitHub repo](https://github.com/ChiChou/gossip-summer-school-2018/blob/master/ios-macOS-fake-location/fake.js))\n1. [Awesome Frida](https://github.com/dweinstein/awesome-frida)\n1. [How to call methods in Frida Gadget (JavaScript API iOS)](https://github.com/frida/frida/issues/567)\n1. [Frida调用栈符号恢复](http://4ch12dy.site/2019/07/02/xia0CallStackSymbols/xia0CallStackSymbols/)\n1. [Cross-platform reversing with Frida, Oleavr, NoConName December 2015](https://frida.re/slides/ncn-2015-cross-platform-reversing-with-frida.pdf)\n1. [Frida: JavaScript API](https://frida.re/docs/javascript-api/)\n1. [Calling native functions with Frida, @poxyran](https://poxyran.github.io/poxyblog/src/pages/02-11-2019-calling-native-functions-with-frida.html)\n1. [Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida, Versprite](https://versprite.com/blog/application-security/frida-engage-part-two-shellcoding-an-arm64-in-memory-reverse-tcp-shell-with-frida/)\n1. [Anatomy of a code tracer, Ole André Vadla Ravnås, Oct 24, 2014](https://medium.com/@oleavr/anatomy-of-a-code-tracer-b081aadb0df8)\n1. [frida-boot 👢\na binary instrumentation workshop, using Frida, for beginners, @leonjza](http://lib.21h.io/library/5UT97EFH/download/FNGRSN2C/3c5bde85-2f1b-4eee-9a98-c2d959d732ee.pdf)\n1. [frida javascript api手册](https://www.cnblogs.com/Eeyhan/p/13414629.html)\n1. [Frida 12.7 Released - CModule](https://frida.re/news/2019/09/18/frida-12-7-released/)\n1. [Getting Started with Frida: Hooking a Function and Replacing its Arguments](https://blog.fadyothman.com/getting-started-with-frida-hooking-main-and-playing-with-its-arguments/)\n\n### Unicode\n\n1. [字符编码笔记：ASCII，Unicode 和 UTF-8, 阮一峰，2007年10月28日](http://www.ruanyifeng.com/blog/2007/10/ascii_unicode_and_utf-8.html)\n\n### Assembler\n\n- [Online x86 / x64 Assembler and Disassembler](https://defuse.ca/online-x86-assembler.htm) (`0xf` is not valid, use `0x0f` instead)\n- [易语言汇编代码转置入代码开源](https://www.eyuyan.la/post/15447.html)\n- [The 32 bit x86 C Calling Convention](https://aaronbloomfield.github.io/pdr/book/x86-32bit-ccc-chapter.pdf)\n- [x86 Disassembly/Calling Conventions](https://en.wikibooks.org/wiki/X86_Disassembly/Calling_Conventions)\n- [How to pass parameters to a procedure in assembly?](https://stackoverflow.com/a/44738641/1123955)\n- [NativeCallback doesn't seem to work on Windows, except for mscdecl #525](https://github.com/frida/frida-gum/issues/525)\n\n### ObjC\n\n- [Learn Object-C Cheatsheet](http://cocoadevcentral.com/d/learn_objectivec/)\n- [Objective-C // Runtime Method Injection](http://labs.distriqt.com/post/846)\n- [The Node.js ⇆ Objective-C bridge](https://github.com/tootallnate/NodObjC)\n- [iOS逆向分析笔记](https://www.jianshu.com/p/157f56d60a59)\n- [iOS — To swizzle or not to swizzle?](https://medium.com/rocknnull/ios-to-swizzle-or-not-to-swizzle-f8b0ed4a1ce6)\n- [0x04 Calling iOS Native Functions from Python Using Frida and RPC](https://grepharder.github.io/blog/0x04_calling_ios_native_functions_from_python_using_frida_and_rpc.html)\n- [Runtime奇技淫巧之类(Class)和对象(id)以及方法(SEL)](https://www.jianshu.com/p/37e1b71ad03a)\n\n### Java\n\n- [Tiktok data acquisition Frida tutorial, Java, Interceptor, NativePointer(Function/Callback) usage and examples](https://www.fatalerrors.org/a/0dx91Tk.html)\n\n## Related project: FFI Adapter\n\nI have another NPM module named [ffi-adapter](https://github.com/huan/ffi-adapter), which is a Foreign Function Interface Adapter Powered by Decorator \u0026 TypeScript.\n\nLearn more about FFI from its examples at \u003chttps://github.com/huan/ffi-adapter/tree/master/tests/fixtures/library\u003e\n\n## Badge\n\n[![Powered by Sidecar](https://img.shields.io/badge/Powered%20By-Sidecar-brightgreen.svg)](https://github.com/huan/sidecar)\n\n```markdown\n[![Powered by Sidecar](https://img.shields.io/badge/Powered%20By-Sidecar-brightgreen.svg)](https://github.com/huan/sidecar)\n```\n\n## Demos for Community\n\nWe have created different demos that work-out-of-box for some use cases.\n\nYou can visit them at [Sidecar Demos](https://github.com/wechaty/sidecar-demos) if you are interested.\n\n## History\n\n### master v1.0 (Nov 24, 2021)\n\n1. ES Modules support ([#17](https://github.com/huan/sidecar/issues/17))\n1. TypeScript version 4.5\n1. Breaking change: Add `hook` event for all hooked methods\n\n### v0.14 (Aug 13, 2021)\n\nPublish to NPM as **sidecar** package name!\n\n1. Enforce `AgentTarget` not to be decorated by neither `@ParamType` nor `@RetType` for prevent confusing.\n\n### v0.12 (Aug 5, 2021)\n\n1. Refactor wrappers for include '[' and ']' in array return string\n1. `agentTarget` now point to JavaScript function in `initAgentScript` instead of ~~`NativeFunction`~~\n1. Add `scripts/post-install.ts` to double check `frida_binding.node` existance and run `prebuild-install` with cdn if needed ([#14](https://github.com/huan/sidecar/issues/14))\n\n### v0.9 (Jul 29, 2021)\n\n1. `agentTarget` will use `NativeFunction` instead of a plain javascript function\n1. Clean sidecar frida agent templates\n    1. Use closure to encapsulate variables\n    1. Add `__sidecar__` namespace for all variable names\n1. Enhance `@Sidecar()` to support spawn target. e.g. `@Sidecar(['/bin/sleep', [10]])`\n1. Add `.so` \u0026 `.DLL` library example for Linux \u0026 Windows ([Dynamic Library Example](examples/dynamic-library/))\n1. Add support for raw `pointer` type\n\n### v0.6 (Jul 7, 2021)\n\n1. Upgrade to TypeScript 4.4-dev for supporting index signatures for symbols. ([Microsoft/TypeScript#44512](https://github.com/microsoft/TypeScript/pull/44512))\n1. Add `sidecar-dump` utility: it dump the sidecar `metadata` and `source` from a class defination file now.\n1. Add pack testing for `sidecar-dump` to make sure it works under Liniux, Mac, and Windows.\n\n### v0.2 (Jul 5, 2021)\n\n1. Add `agent` type support to `FunctionTarget` so that both `@Call` and `@Hook`can use a pre-defined native function ptr defined from the `initAgentScript`. (more types like `java`, `objc`, `name`, and `module` to be added)\n\n### v0.1 (Jul 4, 2021)\n\nFirst worked version, published to NPM as `sidecar`.\n\n### v0.0.1 (Jun 13, 2021)\n\nRepo created.\n\n## Troubleshooting\n\n### 1. Debug `initAgentScript`\n\nIf sidecar tells you that there's some script error internally, you should use `sidecar-dump` utility to dump the source of the frida agent script to a `agent.js` file, and use `frida -l agent.js` to debug it to get a clearly insight.\n\n```sh\n$ sidecar-dump source your-sidecar-class.ts \u003e agent.js\n$ frida -l agent.js\n# by this way, you can locate the error inside the agent.js\n# for easy debug and fix.\n```\n\n## Special thanks\n\nThanks to Quinton Ashley [@quinton-ashley](https://github.com/quinton-ashley) who is the previous owner of NPM name `sidecar` and he transfer this beautify name to me for publishing this project after I requested via email. Appreciate it! (Jun 29, 2021)\n\n## Author\n\n[Huan LI](https://github.com/huan) ([李卓桓](http://linkedin.com/in/zixia)), [Microsoft Regional Director](https://rd.microsoft.com/en-us/huan-li), zixia@zixia.net\n\n[![Profile of Huan LI (李卓桓) on StackOverflow](https://stackexchange.com/users/flair/265499.png)](https://stackexchange.com/users/265499)\n\n## Copyright \u0026 License\n\n- Docs released under Creative Commons\n- Code released under the Apache-2.0 License\n- Code \u0026 Docs © 2021 Huan LI \\\u003czixia@zixia.net\\\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhuan%2Fsidecar","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhuan%2Fsidecar","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhuan%2Fsidecar/lists"}