FRIDA-DEXDump : Fast Search And Dump Dex On Memory

FRIDA-DEXDump is a tool for Fast Search And Dump Dex On Memory.

Features

  • support fuzzy search broken header dex.
  • fix struct data of dex-header.
  • compatible with all android version(frida supported).
  • support loading as objection plugin ~
  • pypi package has been released ~

Requires

  • frida: pip install frida
  • [optional] click pip install click

Installation

From pypi

pip3 install frida-dexdump
frida-dexdump -h

From source

git clone https://github.com/hluwa/FRIDA-DEXDump
cd FRIDA-DEXDump/frida-dexdump
python3 main.py -h

Usage

  • Run frida-dexdump or python3 main.py to attach current front most application and dump dexs.
  • Or, use command arguments:

-n: [Optional] Specify target process name, when spawn mode, it requires an application package name. If not specified, use frontmost application.
-p: [Optional] Specify pid when multiprocess. If not specified, dump all.
-f: [Optional] Use spawn mode, default is disable.
-s: [Optional] When spawn mode, start dump work after sleep few seconds. default is 10s.
-d: [Optional] Enable deep search maybe detected more dex, but speed will be slower.
-h: show help.

Or, loading as objection plugin

  • clone this repo and move frida_dexdump into your plugins folder, eg:

git clone https://github.com/hluwa/FRIDA-DEXDump ~/Downloads/FRIDA-DEXDump;
mv ~/Downloads/FRIDA-DEXDump/frida_dexdump ~/.objection/plugins/dexdump

start objection with -P or --plugin-folder your plugins folder, eg:

objection -g com.app.name explore -P ~/.objection/plugins

run command:

  • plugin dexdump search to search and print all dex
  • plugin dexdump dump to dump all found dex.
R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago