Skip to content

Tricta/ZygiskReconModules

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

1 Commit
dexDump
dexDump
ย 
ย 
memDumpModule
memDumpModule
ย 
ย 
soEnum
soEnum
ย 
ย 
traceDexCalls
traceDexCalls
ย 
ย 
README.md
README.md
ย 
ย 

Repository files navigation

๐Ÿ› ๏ธ Zygisk Recon Modules:

This repository is a collection of Zygisk modules for Android security research. Use these modules to dump runtime components, such as .so loadeds, trace DEX function calls, dump loaded bytecodes or dump memory

โœจ Core Capabilities

  • Anti-Defense: Bypass anti-LSPosed, anti-Frida and some anti-tampering checks.
  • Dumping: Extract dynamic DEX files and SO libraries from packers.
  • Tracing: Perform function call tracing on DEX side.
  • Instrumentation: Hook early Java classes and native library functions (libc.so, libart.so).

๐Ÿ“œ Key modules example

Module Folder Primary Function
dexDump Dumps dynamic DEX files from memory.
soEnum Dumps native SO libraries via android_dlopen_ext.
traceDexCalls Hooks DEX functions called by the interpreter in the early context (libart.so).
memDumpModule Dumps process memory from zygote perspective to find MTLS certificates.

๐Ÿš€ Usage Example

To run a module, install on your root solution and check logs in logcat! :)

About

Some Simple Zygisk Modules for APK Recon

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages