Brida v0.6pre

Changelog from 0.5 version (for now):

• Kill server fixed with last Java versions
• JS files compatible with frida-compile >= 10 (use version 10.2.5 or lower, due to an issue with frida-compile)
• Added "Host:Port" and "DeviceId" Frida connection modes
• Added JS bypass for OkHttpHostname Verified
• Added Magisk to root packages (thanks @mustafairan)

I will update this version as soon as I implement of fix something, because compilation can be tricky due to the RSyntaxTextArea dependency that must be installed locally (I tried with the last version and there still is the same compatibility issue with Burp Suite)

Brida v0.5

Changelog from 0.4 version:

• Fixed compilation issues with Deprecated NodeJs dependencies
• Search of Java methods added to the Graphical analysis tab
• Python virtual environments support
• Support for frida-compile 10 (currently not working for a compilation bug that I'm investigating)
• Many custom plugin types enhanced
• Better internal handling of strings and byte arrays, in order to preserve binary data
• Swift demangle hooks
• Android OkHttp3 4.2 pinning bypass
• iOS 13 pinning bypass
• Attach by process name
• Bug fixes

Brida v0.5 pre-release 2

Changelog from 0.4 version:

• Fixed compilation issues with Deprecated NodeJs dependencies
• Search of Java methods added to the Graphical analysis tab
• Python virtual environments support
• Support for frida-compile 10 (currently not working for a compilation bug that I'm investigating)
• Many custom plugin types enhanced
• Android OkHttp3 4.2 pinning bypass
• iOS 13 pinning bypass
• Attach by process name
• Bug fixes

Brida v0.5 pre-release

Changelog:

• Python virtual environments support
• Support for frida-compile 10 (currently not working for a compilation bug that I'm investigating)
• Many custom plugin types enhanced
• Android OkHttp3 4.2 pinning bypass
• iOS 13 pinning bypass
• Attach by process name
• Bug fixes

Brida v0.4

Fourth release of Brida is out! It will be presented at Hack In Paris 2020 but, due to the postponement of the conference for the COVID-19 global situation, the tool has been released before the conference

Changelog (partial):

• Many Frida hooks for common tasks have been included, directly callable from the GUI of the tool with a click of the mouse! These scripts include the most recent hooks for Android and iOS platforms to bypass and inspect security features
• A new highly-customizable engine will allow to graphically create custom plugins to:
  • Process requests/responses that pass through every Burp Suite tool, in order to be able to encrypt/decrypt/resign elements of requests and responses using Frida exported functions
  • Add custom tab to Burp Suite request/response pane, in order to be able to decrypt/decode/process requests/responses (or portion of them) using Frida exported functions (and then encrypt/encode/process modifications and replacing the original request/response, if any)
  • Add custom context menu options to invoke Frida exported functions on requests and responses
  • Add buttons that invoke/enable Frida exported functions
• Fully compatible with Burp 2.X and Python 3, with options to attach/detach and to inspect local processes
• Support to frida-compile, in order to move Brida JS inner functions outside from the Frida JS file edited by the pentester/hacker/user
• Graphical hooks are now persistent across spawns and can be manually enabled/disabled/removed
• Bugfixes
• Documentation!

Brida v0.3

Changelog:

• Changes in "start server" functionality: now it is more verbose and prints more details on errors that arise starting Pyro server
• New "Load default JS file" functionality, that copies the default Brida JS file in a custom location on the file system and sets the path in the "Frida JS file path" field of the plugin (now the default JS file is included in the plugin itself and it is not necessary to download it from the GitHub repository)
• Various bug fixes

Tested with Frida 12.0.8 on Android and iOS platforms.

Brida v0.2

Second release of Brida is out! Presented at Hack In The Box 2018 Amsterdam!

This release is made up of:

1. Brida_02.jar: is the core of Brida, the application that creates the bridge to communicate with Frida and offers Brida services
2. scriptBrida.js: a blank Frida script with Brida prototypes

New features:

• An integrated console in which output from all Frida and Brida hooks are printed
• An integrated JS editor with Javascript syntax highlighting, in order to be able to add your own Frida exports and Frida hooks directly from Burp Suite
• An analysis tab, in which you have a tree rapresentation of the binary (Java/OBJC classes and methods, inports/exports) and from which you can graphically add inspection hoooks (that print arguments and return value every time that the hooked function is executed) and tamper hooks (that dinamically change the return value of the hooked function every time that it is executed)

Brida v0.1

First release of Brida is out!

This release is made up of:

1. Brida_01.jar: is the core of Brida, the application that creates the bridge to communicate with Frida and offers Brida services
2. scriptBrida.js: a blank Frida script with Brida prototypes
3. BurpBridaSignalTestApp.jar: an example Java application that uses Brida to dinamically modify Signal messages intercepted by Burp Suite
4. BurpBridaSignalTestApp.py: an example Python application that uses Brida to dinamically modify Signal messages intercepted by Burp Suite
5. scriptSignal.js: Frida JS file used by the Signal Java and Python examples