Overview

n0pS edited this page Jan 7, 2019 · 1 revision

Introduction

Frida is a popular cross-platform dynamic instrumentation framework. While Frida is a handy tool that enables security researchers to perform different kinds of dynamic testing, including function hooking and interception, using it during mobile application assessments can be a chore. Such work often involves the slow, tedious process of writing the Frida scripts themselves, which primarily take one of two forms: a self-contained tool leveraging Frida's client APIs, or batches of JavaScript to be injected by one of the core Frida command-line tools. The former requires a fair amount of glue code to inject the actual scripts, and the latter often results in a large amount of disorganized hook code. Additionally, in both cases, the JavaScript code itself often requires a large amount of boilerplate for every function hook.

To tackle this complexity, I wrote House, a runtime mobile application analysis toolkit with a Web GUI that is powered by Frida and written in Python. House is designed to help assess mobile applications by implementing dynamic function hooking and interception, and is intended to make Frida script writing as simple as possible.

House

House is an open source web application that simplifies the testing process with Frida. With House, security researchers can easily generate Frida scripts to perform various tasks, including enumeration, function hooking and interception. It also provides an easy-to-use web UI for researchers to generate, customize, and manage their Frida scripts. House is currently focused on Android testing, but the plan is to extend and generalize it in the future.

House provides the following key features through its UI by automatically generating the underlying Frida scripts implementing them:

Monitor: Dynamically generates hook scripts from templates to monitor key operations, including FILEIO, IPC, etc.

Class Enumeration: Enumerates both defined and loaded Java classes within an application, with the ability to filter by package name.

Method Enumeration: Enumerates all methods within a given class.

Multiple Function Tracing: Traces and logs calls to functions declared through the UI.

Customize Generated Scripts: House provides a user interface to tweak its generated scripts.

Function Interception: House provides users with the ability to inspect and interdict live function calls through the use of hook snippets, an interception UI, and a live REPL.

Preload & Sideload: House now supports sideloading. At this point it supports sideloading Stetho, which makes it easier to examine the UI, storage, etc.
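To make the per-hook boilerplate and the template-driven generation behind the Multiple Function Tracing feature concrete, here is an added example that is not House's own code or templates. It assumes a hypothetical helper `render_trace_script` that takes constructed (class, method) pairs, validates them as Java identifiers so nothing entered in a UI can break out of the generated JavaScript, and renders one Frida script that traces every overload.

```python
import json
import re

# Java identifiers only; anything else could alter the generated JavaScript.
_CLASS_RE = re.compile(r"[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*")
_METHOD_RE = re.compile(r"\$init|[A-Za-z_$][\w$]*")

# Per-hook boilerplate: wrap every overload, report arguments and return value.
_HOOK_TEMPLATE = """\
  (function () {
    var cls = Java.use(%(cls)s);
    cls[%(method)s].overloads.forEach(function (overload) {
      overload.implementation = function () {
        var args = Array.prototype.slice.call(arguments).map(String);
        var ret = overload.apply(this, arguments);
        send({ cls: %(cls)s, method: %(method)s, args: args, ret: String(ret) });
        return ret;
      };
    });
  })();
"""


def render_trace_script(targets):
    """Render one Frida script tracing every (class_name, method_name) pair."""
    hooks = []
    seen = set()
    for cls, method in targets:
        if not _CLASS_RE.fullmatch(cls):
            raise ValueError("invalid class name: %r" % cls)
        if not _METHOD_RE.fullmatch(method):
            raise ValueError("invalid method name: %r" % method)
        if (cls, method) in seen:  # hooking twice would log each call twice
            continue
        seen.add((cls, method))
        # json.dumps yields a correctly quoted JavaScript string literal.
        hooks.append(_HOOK_TEMPLATE % {"cls": json.dumps(cls),
                                       "method": json.dumps(method)})
    return "Java.perform(function () {\n" + "".join(hooks) + "});\n"


if __name__ == "__main__":
    # Constructed sample targets, as a tester might enter them in a UI.
    print(render_trace_script([
        ("java.io.File", "exists"),
        ("android.content.Intent", "getStringExtra"),
    ]))
```

The rendered text can be passed to Frida's Python client through `session.create_script(...)`, with an `on("message", ...)` handler receiving each `send` payload.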