- Go to latest frida release page and download a frida-core-devkit-x.y.z-windows-x86_64.tar.xz and extract
frida-core.handfrida-core.lib, place them infrida/directory. - spdlog is used to generate logs, use
git submodule init && git submodule updateto clone them. - You can use
npm install --save @types/frida-gumto enable syntax highlighting when writing rule files - The instrumentation file (main.js) uses several WS2 helper functions written in
ws2helper.c. Use VS shell for developer to run compile.bat to compile the diresedws2helper.dllin place.
Use latest visual studio to open .sln to compile.
The compiled binary is mfrida.exe.
.\mfrida.exe <pid1> <pid2> <pid3> ...
Rules should be placed with the directory of you running the exe, the name is main.js.
ws2helper.dll should be placed alongside with main.js.
Sample rule file is provided in scripts/main.ts
A single rule file for all targeted processes is supported now.
Child gating is enabled, which means frida will automatically attach child processes created by processes under instrumenting.