HookThatBin

A binary(malware) hooker using FRIDA (CLR) Dump your scripts on the scripts folder Nothing too fancy, code does what it needs to do, could be better maybe -_(0-0)_/- The video on this tweet explains pretty much what it does :) https://x.com/ke_0z/status/1716991364544540685?s=46

More scripts are incoming (when I can dedicate some time): -Mobile Root Bypass -DynamicReversing (by stalking through function calls) -Exploit Development

Compiling

Using VisualStudio, .NET4.8, Frida (frida-clr-16.1.10-windows-x86.dll.xz) or (frida-clr-16.1.10-windows-x86_64.dll.xz) as referenced DLLs tested with version 16.1.4-10 , copy the scripts folder to binary compiled location

Running

Extract and Execute HookThatBin

Name		Name	Last commit message	Last commit date
Latest commit History 14 Commits
Properties		Properties
scripts		scripts
.gitattributes		.gitattributes
.gitignore		.gitignore
App.xaml		App.xaml
App.xaml.cs		App.xaml.cs
HelloFrida.sln		HelloFrida.sln
HookABin.gif		HookABin.gif
HookAMal.csproj		HookAMal.csproj
MainWindow.xaml		MainWindow.xaml
MainWindow.xaml.cs		MainWindow.xaml.cs
README.md		README.md
SpawnWindow.xaml		SpawnWindow.xaml
SpawnWindow.xaml.cs		SpawnWindow.xaml.cs
app.config		app.config
favicon.ico		favicon.ico
packages.config		packages.config

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

HookThatBin

Compiling

Running

DEMO

About

Releases 1

Packages

Languages

ke0z/HookThatBin

Folders and files

Latest commit

History

Repository files navigation

HookThatBin

Compiling

Running

DEMO

About

Resources

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages