A powerful Android security research tool that automatically generates Frida scripts for signature and security bypass operations. This tool extracts APK signatures and creates custom hooks to bypass signature verification, security checks, and API protections.
Click here to watch the video on YouTube
- Automatic APK signature extraction
- Custom Frida script generation
- Multiple certificate format support (RSA, DSA, EC)
- Security verification bypass
- API key protection bypass
- Package name detection
- MessageDigest bypass
- Java Security signature bypass
# Ubuntu/Debian
sudo apt-get update
sudo apt-get install python3 python3-pip openssl android-sdk-build-tools adb
# Arch Linux
sudo pacman -S python python-pip openssl android-sdk-build-tools android-tools
# macOS
brew install python3 openssl android-sdk-build-tools android-platform-toolsfrida-tools>=12.0.0
hexdump>=3.3.0
construct>=2.10.0
colorama>=0.4.6
- Clone the repository:
git clone https://github.com/riyadmondol2006/Frida-Sign-Hook-Generator.git
cd Frida-Sign-Hook-Generator- Install requirements:
pip3 install -r requirements.txt-
Enable Developer Mode & USB Debugging:
- Go to Settings → About Phone
- Tap Build Number 7 times
- Go back to Settings → Developer Options
- Enable USB Debugging
-
Download Frida Server:
- Get latest version from Frida Releases
- Choose correct architecture:
- arm64: Modern Android phones
- arm: Older 32-bit phones
- x86_64: x64 emulators
- x86: 32-bit emulators
-
Setup Frida Server:
# Check device connection
adb devices
# Push frida-server
adb push frida-server /data/local/tmp/
adb shell "chmod 755 /data/local/tmp/frida-server"- Start Frida Server:
# Root required
adb shell "su -c '/data/local/tmp/frida-server &'"- Generate Script:
python3 run.py path/to/your.apk- Deploy & Run:
# Push generated script
adb push frida_[package_name].js /data/local/tmp/
# Run with Frida
frida -U -l /data/local/tmp/frida_[package_name].js -f [package_name]When everything works correctly, you'll see:
>> start
>> api.init
>> sig.init
>> sec.init
>> done
The tool performs these operations:
- Extracts the target APK's signature
- Detects the package name
- Generates a custom Frida script that:
- Hooks signature verification methods
- Bypasses security checks
- Handles API key protection
- Implements MessageDigest bypass
# Check if running
adb shell ps | grep frida
# Restart server
adb shell "su -c 'killall frida-server'"
adb shell "su -c '/data/local/tmp/frida-server &'"# Restart ADB
adb kill-server
adb start-server
adb devices# Check root
adb shell su
# Verify permissions
adb shell "ls -l /data/local/tmp/frida-server"-
"Device not found":
- Check USB debugging is enabled
- Restart ADB server
- Try different USB cable/port
-
"Frida server not running":
- Verify device is rooted
- Check correct architecture version
- Kill and restart frida-server
-
"Script injection failed":
- Verify package name
- Check if app is installed
- Confirm frida-server is running
-
Root Access Required:
- Device must be rooted
- Su binary must be available
- Root manager must grant permissions
-
Compatibility:
- Android 5.0+ supported
- Both ARM and x86 architectures
- Works with most root solutions
-
Limitations:
- Some apps may have additional protections
- Root detection might need additional bypass
- Custom ROM might affect functionality
- Custom Hook Modifications:
class CustomHooks {
static init() {
try {
// Add your custom hooks here
} catch (e) { err("custom.fail", e) }
}
}- Multiple APK Processing:
for apk in *.apk; do
python3 run.py "$apk"
doneThis tool is for educational and research purposes only. Users are responsible for compliance with local laws and regulations. The creator is not responsible for any misuse or damage.
Created by: Riyad M
- Telegram: @riyadmondol2006
- GitHub: @riyadmondol2006
- YouTube: @reversesio
This project is licensed under the MIT License - see the LICENSE file for details.
Made with ❤️ by Riyad M