talsec / Free-RASP-Community

SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.
https://talsec.app/freerasp-in-app-protection-security-talsec
MIT License
362 stars 13 forks source link
app-shielding application-security appsec attack-detection cloning flutter-rasp flutter-security fraud-detection freerasp frida-detection hooking rasp rasp-library repackaging-detection reverse-engineering security-hardening security-tools shadow-detection tampering-detection

GitHub Repo stars GitHub GitHub Publisher 42matters

freeRASP

In-App protection is a mobile security technology that allows mobile applications to check the security state of the environment they run within, actively counteract attack attempts, and control the integrity of the app. Such technology is also called RASP (Runtime App Self Protection) or App Shielding.

freeRASP is a mobile in-app protection and security monitoring SDK. It aims to cover the main aspects of RASP and application shielding.

:loudspeaker: The official documentation has been moved to a new location. You can now find it here. :loudspeaker:

Overview

The freeRASP is a lightweight and easy-to-integrate security library designed to protect apps from potential threats during their runtime. It contains multiple security checks, each aimed to cover a possible attack vector to ensure a high level of application security. Among other options, it is able to detect reverse engineering, repackaging or cloning attempts, and running in an unsafe OS environment. It is freely distributed for all mobile platforms and is also available for Flutter, Capacitor, Cordova and React Native developers.

You can check platform-specific submodules for the installation guide and specific details down below:

Key advantages

:dart: Features

freeRASP provides protection against potentially dangerous behavior, including the following:

:heavy_check_mark: Using rooted or jailbroken devices (e.g., su, Magisk, unc0ver, check1rain, Dopamine)

:heavy_check_mark: Reverse engineering attempts

:heavy_check_mark: Running hooking frameworks (e.g., Frida, Xposed or Shadow)

:heavy_check_mark: Tampering or repackaging the application

:heavy_check_mark: Installing the app through untrusted methods/unofficial stores

Visit our wiki to learn more details about the performed checks and their importance for app security.

:book: Discover the Official freeRASP Documentation

Visit the GitBook page for comprehensive and up-to-date guides, tutorials, and technical documentation specifically for freeRASP. Whether you're just starting out or looking for advanced tips to enhance your project, you'll find everything you need here.

:link: Integration Guide

For a seamless integration experience, follow the steps provided in the Integration Guide. This guide offers detailed instructions to ensure a smooth and efficient process, no matter what platform you're working with.

Make sure to bookmark the page and stay updated :books: :sparkles:!

:scroll: Reference to Legacy Documentation

If you have any suggestions for improvement or notice anything that could be clarified in the new GitBook documentation, please open an issue. Your feedback helps us maintain high-quality resources for all users.

For additional information and historical context, you can refer to the freeRASP wiki, which includes valuable legacy details and insights. Additionally, the old information and historical context can be found when you checkout to a specific tag. Your input is invaluable in helping us improve our resources and provide even better support for your needs.

:rocket: What's New and Changelog

Stay informed and make the most of freeRASP by checking out What's New and Changelog! Here, you’ll discover the latest features, enhancements, and bug fixes we’ve implemented to improve your experience across all platforms, including Android, iOS, Flutter, React Native, Capacitor, and Cordova.

Don’t miss out on any updates and explore the changelog to see how we’re continually making freeRASP better for you!

:sparkles: Enhancements

If you have any ideas for improvements, feel free to raise an issue and mark it with an enhancement label. We track these enhancements using GitHub Projects to keep tasks organized and connected to relevant issues or pull requests.

You can check out the project board here.

:page_facing_up: License

This project is provided as freemium software, i.e. there is a fair usage policy that imposes some limitations on the free usage. The SDK software consists of open-source and binary parts, which is the property of Talsec. The open-source part is licensed under the MIT License - see the LICENSE file for details.