Skip to content

nblog/frida-scan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
src
src
 
 
.gitignore
.gitignore
 
 
.python-version
.python-version
 
 
README.md
README.md
 
 
config.json.example
config.json.example
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Frida-Scan

A powerful AOB (Array of Bytes) scanner powered by Frida for memory pattern scanning.

Features

  • 🔍 Advanced Pattern Scanning: Support for complex byte patterns with wildcards
  • 📝 Flexible Configuration: JSON-based configuration with expression evaluation
  • 🔧 Instruction Matching: Advanced instruction equality checking with configurable ranges
  • 📦 Easy Installation: Install and run with uvx or pip
  • 🔄 Multiple Matches: Handle multiple pattern matches with selection options

Installation

Using uvx (Recommended)

uvx --from frida-scan@git+https://github.com/nblog/frida-scan.git frida-scan -n notepad.exe config.json.example

Scan Modes

  • rva: Relative Virtual Address
  • va: Virtual Address
  • call: Call target address
  • mem32: Memory dereference (32-bit)
  • imm8/16/32/64: Immediate values (8/16/32/64 bit)

Common Issues

  1. Process not found: Ensure the process is running and the name/PID is correct
  2. Pattern not found: Verify the byte pattern is correct and the target module is loaded
  3. Permission denied: Run with administrator privileges on Windows
  4. Multiple matches: Use the selected field to choose which match to use

License

This project is licensed under the WTFPL License. Dependencies are under their respective licenses.

About

aobscan Powered by frida

Topics

frida aob-scan

Resources

Readme
Activity

Stars

4 stars

Watchers

0 watching

Forks

1 fork
Report repository

Languages