Runtime Mobile Security v1.4.2 releases: manipulate Android Java Classes and Methods at Runtime
Runtime Mobile Security
Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime.
You can easily dump all the loaded classes and relative methods, hook everything on the fly, trace methods args and return value, load custom scripts, and much other useful stuff.
Runtime Mobile Security (RMS) is currently supporting Android devices only.
It has been tested on MacOS and with the following devices:
- AVD emulator
- Genymotion emulator
- Amazon Fire Stick 4K
It should also work well on Windows and Linux but some minor adjustments may be needed.
- Improved APIs Monitor Output (bug fixing)
- new option to save the APIs Monitor Console output
- new option to reset the Console Logs Output
- new FRIDA custom scripts: Bypass for iOS 13 SSL Pinning and Android System.exit()
- Solving OWASP UnCrackable Android Apps Tutorial links added to the README
- default FRIDA custom scripts are now alphabetically ordered
- UI improvements
git clone https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security.git
(optional) Create a python virtual environment
pip3 install -r requirements.txt
1. Run your favorite app by simply inserting its package name
NOTE RMS attaches a persistence process called com.android.systemui to get the list of all the classes that are already loaded in memory before the launch of the target app. If you have an issue with it, try to find a different package that works well on your device. You can set another default package by simply editing the config.json file.
2. Check which Classes and Methods have been loaded in memory
3. Hook on the fly Classes/Methods and trace their args and return values
4. Select a Class and generate on the fly an Hook template for all its methods
5. Easily detect new classes that have been loaded in memory
6. Inject your favorite FRIDA CUSTOM SCRIPTS on the fly
Copyright (C) 2020 @mobilesecurity_