frida/cryptoshark frida/cryptoshark

  • Stars
    star
    589
  • Rank 75,909 (Top 2 %)
  • Language
    C++
  • License
    Other
  • Created over 10 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
frida/cryptoshark
github

frida

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Self-optimizing cross-platform code tracer based on dynamic recompilation

Cryptoshark

Self-optimizing cross-platform code tracer based on dynamic recompilation, powered by Frida and Capstone. Works at the machine code level, no source code needed. Tags threads based on which APIs they use, showing you in real-time what functions have been called, allowing you to study them by carefully injecting logging and other side-effecty code.

Screencast

ScreenShot

Binaries

Get them at: https://github.com/frida/cryptoshark/releases

Development workflow

First, make sure you have a Qt >= 5.15 SDK installed and that its bin-directory is on your PATH. Also make sure you have Node.js 10 or newer.

Building the app: Command Line

Run the build script. This will output a binary at:

  • Windows: ..\build-cryptoshark-x86_64\app\release\cryptoshark.exe
  • macOS: ../build-cryptoshark-x86_64/app/Cryptoshark.app/Contents/MacOS/Cryptoshark
  • Linux: ../build-cryptoshark-x86_64/app/cryptoshark

Building the app: Qt Creator

Run the bootstrap script and then open cryptoshark.pro in Qt Creator.

Building agent.js

This is the instrumentation code that Cryptoshark injects into target processes.

For a one-off build:

$ cd app/agent
$ npm run build

And to watch while developing:

$ cd app/agent
$ npm run watch

This will monitor the TypeScript source code and incrementally compile app/agent.js. Note that the agent is included as a resource, so remember to build.

Building a portable binary

In order to build a portable binary we will need a static build of Qt. This is not recommended for development due to the prolonged linking times, but it is very useful for generating a portable Cryptoshark binary without any external dependencies.

Windows

Prerequisites

  • MS Visual Studio 2019
  • Git
  • Strawberry Perl
  • Python (Note: Installation location cannot contain spaces due to bugs in Qt's build system.)

Building Qt

Run tools\windows\env-x86_64.bat to enter the environment, then:

  • Get the source code by running: get-qt

  • And finally: build-qt

Building Cryptoshark

  • Change to the root directory of this repo.

  • Run build.

  • A fresh new portable binary is now at:

    ..\build-cryptoshark-x86_64\app\release\cryptoshark.exe

macOS

Prerequisites

  • Xcode

Building Qt

Run . tools/macos/activate-env to enter the environment, then:

  • Get the source code by running: get-qt

  • And finally: build-qt

Building Cryptoshark

  • Change to the root directory of this repo.

  • Run ./build.

  • A fresh new portable binary is now at:

    ../build-cryptoshark-$arch/app/Cryptoshark.app/Contents/MacOS/Cryptoshark

More Repositories

1

frida

Clone this repo to build Frida
Meson
15,418
star
2

frida-python

Frida Python bindings
C
770
star
3

frida-gum

Cross-platform instrumentation and introspection library written in C
C
714
star
4

frida-core

Frida core library intended for static linking into bindings
Vala
599
star
5

frida-tools

Frida CLI tools
Python
335
star
6

frida-java-bridge

Java runtime interop from Frida
JavaScript
324
star
7

frida-node

Frida Node.js bindings
C++
278
star
8

frida-compile

Compile a Frida script comprised of one or more Node.js modules
TypeScript
184
star
9

frida-rust

Frida Rust bindings
Rust
173
star
10

frida-go

Frida Go bindings
Go
141
star
11

frida-swift

Frida Swift bindings
Swift
139
star
12

frida-itrace

Instruction tracer powered by Frida
TypeScript
129
star
13

frida-swift-bridge

Frida's finally getting Swifty
TypeScript
120
star
14

frida-presentations

Public presentations given on Frida at conferences
JavaScript
100
star
15

frida-website

Frida's website
CSS
84
star
16

frida-clr

Frida .NET bindings
C++
75
star
17

frida-objc-bridge

Objective-C runtime interop from Frida
JavaScript
48
star
18

tinycc

Frida depends on TinyCC
C
45
star
19

gumjs-net

Node.js's net module for Frida
JavaScript
41
star
20

frida-qml

Frida Qml plugin
C++
38
star
21

frida-web-client

Frida web client
TypeScript
36
star
22

v8

Frida depends on V8
C++
33
star
23

aurora

Proof-of-concept web app built on top of Frida
JavaScript
29
star
24

lwip

A Lightweight TCP/IP stack
C
25
star
25

glib

Frida depends on GLib
C
21
star
26

docker-images

Docker images for building portable binaries
C
20
star
27

gumjs-http

Node.js's http module for Frida
JavaScript
19
star
28

cloudspy

Proof-of-concept web app built on top of Frida
JavaScript
19
star
29

frida-codeshare

SCSS
18
star
30

libunwind

Frida uses libunwind for generating backtraces on some platforms
C
17
star
31

v8-build

Frida depends on V8
Python
11
star
32

frida-amiga-bridge

Amiga emulator instrumentation using Frida
TypeScript
10
star
33

stlport

Frida depends on stlport for building with older QNX toolchains
C++
9
star
34

frida-load

Load a Frida script comprised of one or more Node.js modules
JavaScript
9
star
35

geoshark

Tutorial: Build a debugger in 5 minutes
JavaScript
9
star
36

vala

Frida depends on Vala
Vala
9
star
37

corellium-action

GitHub Action for testing code on Corellium
JavaScript
8
star
38

releng

Frida release engineering tools
Python
8
star
39

frida-npapi

Frida browser plugin for NPAPI-compatible browsers
C++
7
star
40

frida-ci

Tools for running and setting up the continuous integration server
C
7
star
41

xz

Frida depends on liblzma on OSes where it uses libunwind for generating backtraces
C
5
star
42

elfutils

Frida depends on elfutils for libelf on some platforms
C
5
star
43

proxy-libintl

Proxy for a dynamically loaded optional libintl
C
5
star
44

libxml2

Frida depends on libsoup, which depends on libxml2
C
4
star
45

glib-openssl

Frida used to depend on glib-openssl on some platforms, now uses glib-networking instead
C
4
star
46

corellium-gateway

Corellium gateway used by corellium-action
JavaScript
4
star
47

libtool

Frida depends on libtool for its UNIX build system
Shell
3
star
48

openssl

Frida (optionally) depends on OpenSSL
C
3
star
49

gumjs-https

Node.js's https module for Frida
JavaScript
2
star
50

frida-process

Node.js compatible “process” module for Frida
JavaScript
2
star
51

json-glib

Frida depends on json-glib
C
2
star
52

frida-buffer

Frida compatibility shim for the “buffer” module
JavaScript
2
star
53

glib-networking

Frida depends on glib-networking on some platforms
C
2
star
54

web-shims

Meta-package pulling in shims needed for web apps
JavaScript
2
star
55

libsoup

Frida depends on libsoup
C
2
star
56

libiconv

Frida depends on libiconv on some systems
C
2
star
57

v8-zlib

Frida depends on V8
C
1
star
58

gumjs-stream

Node.js's stream module for Frida
JavaScript
1
star
59

frida-any-promise

Frida compatibility shim for the “any-promise” module
JavaScript
1
star
60

libgee

Frida depends on libgee
Vala
1
star
61

pcre

Frida depends on GLib, which used to depend on PCRE (these days it depends on PCRE2)
C
1
star
62

pkg-config

Frida uses pkg-config during its build process
C
1
star