Is there any solution that can bypass the self-defined API in native used to detect LIBFRIDA?

Question

Is there any solution that can bypass the self-defined API in native used to detect LIBFRIDA?

zeng9t opened this issue 6 years ago · 1 comments

Is there any solution that can bypass the self-defined API in native used to detect LIBFRIDA?
Thanks if you could provide any ideas.

Answer 1 · 2019-06-20T07:52:58.000Z

From the blog post cited on readme:

This is a bit more effective as overall, and is difficult to bypass with frida only, especially with some obuscation added. Even so, there are of course many ways of bypassing this as well. Patching and system call hooking come to mind. Remember, the reverse engineer always wins!