darvincisec / DetectFrida

Detect Frida for Android
MIT License

DetectFrida

This project has 3 ways to detect Frida hooking:

  1. Detect through named pipes used by Frida
  2. Detect through Frida-specific named threads
  3. Compare the text section in memory with the text section on disk for both libc and the native library

More details can be found in my blog -> DetectFrida
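A sketch of the second check (Frida-specific thread names), added here as an example and not taken from this project's source. The names in `FRIDA_THREADS`, the two function names and the choice to read each thread's `comm` file under `/proc/self/task` are assumptions.

```c
#include <dirent.h>
#include <stdio.h>
#include <string.h>

/* Thread names commonly reported for Frida's agent (assumed; the README does
 * not list them). "gmain" is GLib's main-loop thread, so a process that
 * legitimately uses GLib can match it too. */
static const char *const FRIDA_THREADS[] = { "gum-js-loop", "gmain" };

/* Returns 1 if name (with or without trailing newline) is an exact match. */
int is_frida_thread_name(const char *name)
{
    size_t len = strcspn(name, "\n");
    for (size_t i = 0; i < sizeof FRIDA_THREADS / sizeof *FRIDA_THREADS; i++)
        if (strlen(FRIDA_THREADS[i]) == len &&
            strncmp(name, FRIDA_THREADS[i], len) == 0)
            return 1;
    return 0;
}

/* Reads <task_dir>/<tid>/comm for every thread of the process.
 * Returns the number of matching threads, or -1 if task_dir is unreadable. */
int count_frida_threads(const char *task_dir)
{
    DIR *dir = opendir(task_dir);
    if (!dir)
        return -1;
    int hits = 0;
    struct dirent *e;
    while ((e = readdir(dir)) != NULL) {
        if (e->d_name[0] == '.')
            continue;                      /* skip "." and ".." */
        char path[512], name[64];
        snprintf(path, sizeof path, "%s/%s/comm", task_dir, e->d_name);
        FILE *f = fopen(path, "r");
        if (!f)
            continue;                      /* thread exited after readdir */
        if (fgets(name, sizeof name, f) && is_frida_thread_name(name))
            hits++;
        fclose(f);
    }
    closedir(dir);
    return hits;
}

int main(void)
{
    int n = count_frida_threads("/proc/self/task");
    printf("Frida-named threads: %d\n", n);
    return n > 0;                          /* non-zero exit when detected */
}
```

The project hardens its own checks by replacing libc calls such as these with syscalls and custom string routines; this sketch uses plain libc for readability.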

This project also has 3 mechanisms to harden the native code:

  1. Replace certain libc calls with syscalls
  2. Replace string- and memory-related operations with custom implementations
  3. Apply O-LLVM native obfuscation

More details can be found in my blog -> Hardening Native Code

arm64, armv7a, x86_64 architectures are supported in this project. The hardened APK is provided for interested reverse engineers to analyze.

Updates

Note

Henceforth, please don't raise issues asking for an OLLVM binary for Windows. PRs welcome.