CatFrida is a macOS tool for inspecting a running iOS app.
Building with frida-swift, CatFrida provide an awesome easy way to dive into an app.
- App basic info
- List all loaded modules
- Dumpdecrypt module
- List module's symbols
- File explorer (either app bundle or document)
- Download app files
- Class dump
- UI description
- App Cookies dump
- Keychain dump
- UserDefaults dump
- Capture Alamofire HTTP requests
- Support load custom script
- A jailbroken iOS device with
frida serverinstalled
Check the following link to see how to install frida on jailbroken device?
-
Connect your jailbroken iOS device with macbook
-
Run CatFrida.app
Enjoy :)
The application is not code-signed. You can sign it manually.
xcode-select --install
codesign --force --deep --sign - /Applications/CatFrida.app
Currently, CatFrida use frida-core 14.2.3. Since the binary file is too large, the git project doesn't include it. You can install it manually by the following steps:
-
Click to download frida-core-devkit-14.2.3-macos-x86_64.tar.xz
-
Extract
tar -xvf frida-core-devkit-14.2.3-macos-x86_64.tar.xz -
Copy
frida-core.handlibfrida-core.atoCatFrida/FridaBridge/CFrida/macos-x86_64/ -
pod install -
Open CatFrida.xcworkspace and build
CatFrida load script in CatFrida/Scripts/_agent.js. It was built by project CatFridaAgent. You can modify CatFridaAgent to add your own script.
Some script files are from passionfruit
It also include my own project FridaHookSwiftAlamofire to capture Alamofire HTTP requests.
MIT