hooker by CreditTone

Frida toolkit for Android reverse engineering, offering a CLI

created 5 years ago
4,401 stars

Top 11.4% on sourcepulse

Project Summary

Hooker is a comprehensive Frida-based reverse engineering toolkit designed for Android developers and security researchers. It streamlines the process of dynamic analysis by providing a user-friendly CLI, universal scripts, automated hook generation, memory inspection, and tools for SSL pinning bypass and native function hooking.

How It Works

Hooker leverages Frida to inject JavaScript into Android applications, enabling dynamic instrumentation. Its core design revolves around a powerful CLI that acts as a central hub for managing Frida scripts, attaching to processes, and executing various analysis tasks. The toolkit includes pre-built "universal scripts" for common tasks like tracking network requests, UI events, and string manipulation, significantly reducing the effort required for initial analysis. It also automates the generation of custom hook scripts based on specified classes or methods, complete with detailed logging and stack traces.

Quick Start & Requirements

  • Install: Clone the repository and install dependencies using pip3 install -r requirements.txt.
  • Prerequisites: Android device with adb access and root privileges (for frida-server deployment).
  • Setup: Deploy frida-server to the device using mobile-deploy.sh or deploy2.sh.
  • Usage: Run ./hooker to list processes, then attach to a target application using its identifier (e.g., ./hooker com.example.app).
  • Documentation: README

Highlighted Details

  • Automated Hook Generation: Generates detailed hook scripts for classes and methods, including stack traces, call times, and execution duration.
  • SSL Pinning Bypass: Includes a Frida-based JustTrustMe implementation with support for BoringSSL unpinning.
  • Memory Roaming: Allows inspection of memory to discover activities, services, and object details.
  • Native Hooking: Provides tools to hook native functions, including RegisterNatives and dlsym calls, and to find anti-Frida mechanisms.

Maintenance & Community

The project is actively maintained by CreditTone. Further community engagement details are not explicitly provided in the README.

Licensing & Compatibility

The project's license is not explicitly stated in the README. Compatibility for commercial use or closed-source linking is not specified.

Limitations & Caveats

The README mentions that some anti-debugging techniques might require specific script adjustments or manual intervention. Certain functionalities, like deep class scanning or specific native function hooking, may require deeper understanding of the target application's internals. The effectiveness of some scripts, such as dump_dex.js, may vary depending on the app's obfuscation or anti-tampering measures.

Health Check

  • Last commit: 2 weeks ago
  • Responsiveness: Inactive
  • Pull Requests (30d): 1
  • Issues (30d): 1

Star History

357 stars in the last 90 days
