Skip to content

Frida Android Helper#1974

Open
carlospolop wants to merge 1 commit intomasterfrom
update_Frida_Android_Helper_20260309_185502
Open

Frida Android Helper#1974
carlospolop wants to merge 1 commit intomasterfrom
update_Frida_Android_Helper_20260309_185502

Conversation

@carlospolop
Copy link
Collaborator

@carlospolop carlospolop commented Mar 9, 2026

🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

  • Blog URL: https://github.com/secuworm2/frida-android-helper2
  • Blog Title: Frida Android Helper
  • Suggested Section: Mobile Pentesting -> Android Applications Pentesting (augment Frida/Objection content; add a subsection for tooling/workflows such as adb-reverse+iptables transparent proxying, intent/component invocation automation, and runtime DEX dumping via ART DefineClass hook)

🎯 Content Summary

What it is


The repository provides Frida Android Helper (FAH), a Python-based CLI utility that automates common Android pentesting and reverse-engineering tasks via ADB. It connects to the ADB server using the pure-python-adb library (so it can drive device actions programmatically rather than relying only on shelling out to adb).

Prerequisites / lab requirements


  • Python 3
  • ADB available and an ADB-ac...

    🔧 Technical Details

    Dynamic instrumentation workflow: automate deployment and lifecycle of frida-server on a device (start/stop/reboot/update/update <version>) so runtime hooking and security-control bypass testing can begin immediately without manual setup.

    Traffic interception workflow: configure Android-wide proxy host/port (default 8080), or transparently route traffic through the host by combining adb reverse with on-device iptables DNAT rules (default 8844), enabling transparent-mode proxies (e.g., Burp) to observe/modify app traffic in a controlled test environment.

    Android component attack-surface workflow: enumerate Activities/Services/Receivers/Providers and trigger them by index/component; for BroadcastReceivers specifically, parse intent-filter actions from the manifest and emit one copy/paste am broadcast com...

    🤖 Agent Actions

    Summary:
    Added a new “Frida Android Helper (FAH) workflows” section in src/mobile-pentesting/android-app-pentesting/README.md covering frida-server lifecycle, proxying (global and adb-reverse+iptables DNAT), intent/component automation, and ART DefineClass DEX dumping, plus the blog reference.

    Files changed:

    • src/mobile-pentesting/android-app-pentesting/README.md

    Tests:

    • Not run (not requested).

    This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.

@carlospolop
Copy link
Collaborator Author

carlospolop commented Mar 9, 2026

🔗 Additional Context

Original Blog Post: https://github.com/secuworm2/frida-android-helper2

Content Categories: Based on the analysis, this content was categorized under "Mobile Pentesting -> Android Applications Pentesting (augment Frida/Objection content; add a subsection for tooling/workflows such as adb-reverse+iptables transparent proxying, intent/component invocation automation, and runtime DEX dumping via ART DefineClass hook)".

Repository Maintenance:

  • MD Files Formatting: 954 files processed

Review Notes:

  • This content was automatically processed and may require human review for accuracy
  • Check that the placement within the repository structure is appropriate
  • Verify that all technical details are correct and up-to-date
  • All .md files have been checked for proper formatting (headers, includes, etc.)

Bot Version: HackTricks News Bot v1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@carlospolop