It should work in most Flutter and React Native apps unless they have some other protections enabled. In general, the language the app is built with should not have any effect on using Frida.

Yes. You have to start the frida server on the device for anything using either objection or frida.

Where the root or pinning check is executed doesn't typically have any effect on whether or not it can be bypassed.

SSL pinning and code obfuscation are two different unrelated mechanics. whether or not you have code obfuscation doesn't affect SSL pinning at all.

I haven't had much experience working with flutter apps, but whenever I get more experience in that area, I will probably make a video about it.

Honestly, I have tested a lot of apps at this point, and I almost never see frida detection. I know it does exist, but it just doesn't seem that common. I probably will cover that in a future video at some point though.

@@CorSecure second vote for frida detection on top of ssl on top of certificate pinning please and thank you brutha!..

@@CorSecure all relevant applications are protected I think. Like Facebook, Instagram, Tiktok, Snapchat, KZbin, games, etc.

​@@CorSecureanother vote. My app always show 'Secure violation ' "Frida tools" detected, the app will be terminated' Is there a way to hide/remove the frida tools?

There are some other solutions using certificate transparency and some more robust protections that are more difficult to bypass. Most of these options are significantly more work (and sometimes more cost for enterprise solutions), but by the nature of mobile applications, they are most likely not impossible to bypass either. It really comes down to whether or not the benefit of having those protections in place are worth the additional effort and/or cost.

It depends on how the app is implementing the emulation detection, but here is a Frida script from the Frida Codeshare that might work for you. codeshare.frida.re/@khantsithu1998/bypass-react-native-emulator-detection/ I'm going to try to make another video showing some different kinds of Frida bypasses soon.

I have a video where I walk through patching an apk with objection, and I work through some different errors that are commonly seen with objection. I don't know of a different way to build the gadget into the apk. kzbin.info/www/bejne/p5Ktc4qZqsp2f6M

Thank you I managed to get it working on my rooted device through adb pair the only thing I tweaked was using adb pair you should try it once you finish pushing and modifying the server in /data/local/tmp you can run it in the back ground frida-server & and check to see if command execution was granted access with frida-ps -U all over wifi this is amazing I'm going to pop some pop corn and watch your tutorial here in an hour currently going to watch some of the originals episodes on vampires thank you @@CorSecure

I have another video where I went over installing the frida server on the device. kzbin.info/www/bejne/iWm0pWSajMuDoNU I misunderstood your question. I thought you specifically wanted to package the frida gadget with the apk. It sounds like you have it figured out though, so I'm glad you got everything working.

@@CorSecure yeah I tried to follow it but I have too many errors with zipalign I even tried using frida-gadget I took it all the way back to now I'm going to create my own app with android studio and simply inject the Frida file there I have my aarch ready

Interesting. I don't think I've ever seen an app that checked for Developer Options. I would imagine that you could probably bypass that check with Frida. You can check the Frida Codeshare to see if there are any scripts that have already been made by the community, but you might have to do some reverse engineering and write your own script.

@@CorSecure Yes there is, the app is made with flutter (it's a banking app). To use The frida and Objection, the Developer Options has to be turned on, yes? I'm still not famiar with frida scripts, maybe you can do update in your video about the script for Dev Option checking, please.