└── README.md
/README.md:
--------------------------------------------------------------------------------
1 | # my-FRIDA-scripts
2 |
3 |
4 | # Description
5 | Some useful FRIDA javascript tools for mobile security analysis (some are also shared on: ), these scripts have been tested only on devices (it is not guaranteed that they work on emulators):
6 |
7 | #### Android Multiple Certificate Pinning Bypass
8 | Script to bypass multiple certificate pinning checks in Android apps:
9 | * [frida_multiple_unpinning.js]()
10 |
11 | #### Android Universal Certificate Pinning Bypasser
12 | Script to bypass certificate pinning check implemented with a recursive TrustManager in Android apps:
13 | * [frida_universal_pinning_bypasser.js]()
14 |
15 | #### Android Network Security Config Bypasser
16 | Script to bypass network security config pinning check in Android apps (inspired by other similar scripts as `https://research.nccgroup.com/2017/11/03/bypassing-androids-network-security-configuration/` and `https://cmrodriguez.me/blog/nsc-bypass/`):
17 | * [frida_netsecconfig_bypass.js]()
18 |
19 | #### Android Keystore Spy
20 | Script to analyze the calls to Android Keystore performed by Android apps:
21 | * [keystore_spy.js]()
22 |
23 |
24 | # GNU License
25 | - Copyright (c) 2019
26 |
27 | This program is free software: you can redistribute it and/or modify
28 | it under the terms of the GNU General Public License as published by
29 | the Free Software Foundation, either version 3 of the License, or
30 | (at your option) any later version.
31 |
32 | This program is distributed in the hope that it will be useful,
33 | but WITHOUT ANY WARRANTY; without even the implied warranty of
34 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
35 | GNU General Public License for more details.
36 |
37 | You should have received a copy of the GNU General Public License
38 | along with this program. If not, see
39 |
--------------------------------------------------------------------------------