In frida-trace there is a -W option that can be used to await spawn, i.e. one can specify API filter with -j flag for a Android APK and use -W to have frida wait for the app to be started.
So based on the above, it appears the app has to be started before JS scripts can be added to monitor APIs.
My questions are as follows:
How is attachable state defined ? Does it mean process has started executing ?
Is there a way in python to match behavior of the -W flag, i.e. mention which scripts need to be loaded before app process is started, and then start the app process ?
Does spawn / resume by default starts the main activity of the specified app ?
In
frida-trace
there is a -W option that can be used to await spawn, i.e. one can specify API filter with -j flag for a Android APK and use -W to have frida wait for the app to be started.In python, I see the following APIs: https://github.com/frida/frida-python/blob/ebd797e4bc248b8d895d68ebf244a34744cb3ea9/frida/core.py#L821
https://github.com/frida/frida-python/blob/ebd797e4bc248b8d895d68ebf244a34744cb3ea9/frida/core.py#L571
So based on the above, it appears the app has to be started before JS scripts can be added to monitor APIs.
My questions are as follows: