Frida • A world-class dynamic instrumentation framework

Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.

Scriptable

Your own scripts get injected into black box processes to execute custom debugging logic. Hook any function, spy on crypto APIs or trace private application code, no source code needed!

Stalking

Stealthy code tracing without relying on software or hardware breakpoints. Think DTrace in user-space, based on dynamic recompilation, like DynamoRIO and PIN.

Portable

Works on Windows, macOS, Linux, iOS, Android, and QNX. Install the Node.js bindings from npm, grab a Python package from PyPI, or use Frida through its Swift bindings, .NET bindings, Qt/Qml bindings, or C API.

Get up and running in seconds.

Quick-start Instructions

          ~
          $
          sudo pip install frida
        
          ~
          $
          frida-trace -i "recv*" Twitter
        
          recvfrom: Auto-generated handler: …/recvfrom.js
        
          Started tracing 21 functions.
        
          1442 ms    recvfrom()
        
          # Live-edit recvfrom.js and watch the magic!
        
          5374 ms    recvfrom(socket=67, buffer=0x252a618, length=65536, flags=0, address=0xb0420bd8, address_len=16)