Bypassing advance frida detections using Frida

Рет қаралды 3,413

7 ай бұрын

#fridadetection #fridabypass #android #pentest #arm64 #mobilesecurity
In this video we are going to learn some new frida detection techniques which requires both static and dynamic analysis. We are going to use radare2 and Ghidra tools as our disassembler to disassemble the binary and extract some insights from it and also understand how application hides some of the implementation using stealthy techiques.
To be precise we are going to learn:
1. Port based frida detection
2. Frida artifacts based detection
3. libc checksum based frida detection
You can download the sample application from our github repo:
github.com/fatalSec/android_i...
Consider subscribing to the channel and also hit the like button.
Stay connected with us on:
Telegram: t.me/SecFatal
X: / secfatal

Пікірлер: 17

@1337devil 7 ай бұрын

Great content, and yes it's better to explain everything indepth. thank you

@fatalsec 7 ай бұрын

Thanks, noted.

@beluga8569 7 ай бұрын

I must say, a very interesting topic. Previously, I myself was deeply immersed in it, not without your help. Now I'm immersed in studying GAS assembler, but it was nice to remember that time

@fatalsec 6 ай бұрын

Could you tell me more about GAS assembler?

@beluga8569 6 ай бұрын

@@fatalsec What specifically would you like to hear about? Assembly language is a very broad topic

@niveditasharma2173 7 ай бұрын

Very well explained as always. Looking forward for more interesting videos.

@aliaboahmad8430 6 ай бұрын

Great content keep it on❤

@berkedel 7 ай бұрын

as always, awesome content. thank you

@serhatomerrencber752 6 ай бұрын

you are good !

@ayushmauryars 4 ай бұрын

We Indians are going to be the next generation cyber security

@mohammedeldawody...6165 4 ай бұрын

Thank you for the great video! unfortunally I had a problem. whenever I edit libc.so in the maps file, I get errors

@leonjeon6206 6 ай бұрын

How did you know you needed to add 2 bytes at 12:50, it's not stated on the man page.

@fatalsec 6 ай бұрын

If you look at the structure of structaddr you will notice that the first field is of type sa_family_t which is short unsigned integer which takes 2bytes.

@ayushmauryars 4 ай бұрын

Bro please don't skip. And please don't go for noobs who don't like theories. But personally I live theories and analysis very much because if tomorrow things change, then you can't repeat a process until you know how it works. So please continue explanation😢