OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.

Reverse Engineering

Frida for Beginners

Paul Chin, PhD

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. It allows you to inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts. It’s the swiss army knife for process injections for native apps and is a popular dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows and Android.  It is the go-to tool you use for API tracing.

Read more

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. It allows you to inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts. It’s the swiss army knife for process injections for native apps and is a popular dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows and Android.  It is the go-to tool you use for API tracing.

At the end of this course you will be able to:

  1. learn how to reverse engineer and perform process injection into android and windows applications

  2. hook functions and modify its behaviour

  3. perform basic bypass of security restrictions on android and windows apps

Features of this course:

  1. Designed with beginners in mind.

  2. Simple android apps and windows crackme's designed to learn process injection and function hooking

  3. Practical and hands-on

  4. Using free tools only

Suitable for:

  • Reverse Engineering and Malware Analysis Students

  • Students planning on entering Malware Analysis and Reverse Engineering, or Penetration Testers as a Career Path

  • Security researchers

Prerequisite:

  • Windows PC

  • Basic Java/Javascript would be helpful but not mandatory

  • Preferably have an Android phone (non-rooted)

Enroll now and I will see you inside.

Enroll now

What's inside

Learning objectives

  • Listing process libraries
  • Reversing android apps
  • Hooking classes and functions
  • Examining and modifying function parameters and return values
  • Reversing windows app
  • Hooking process functions
  • Memory scanning
  • Process injection
  • Hacking memory
  • Decompiling apps
  • Bypassing root detection
  • Intercepting http and https traffic
  • Bypassing basic security mechanism for android and windows apps
  • Enumerating libraries and imported functions
  • And more....
  • Show more
  • Show less

Syllabus

Introduction

Intro to Frida

Intro to Frida Injection

Setting up lab and rooted android emulator
Read more

Installing LD-player emulator

Installing platform tools

Installing frida-server on the android emulator

How to determine which version of frida-server to install into LDPlayer emulator

Installing objection and frida tools on the pc

Testing objection and frida

Setting up lab for non-rooted android phone

Installing Android-studio build-tools

Installing the apktool

Patching the target apk file with the frida-gadget (frida-server)

Enabling developer-mode on the android phone

Installing the patched-apk file to the android phone and testing it

If the frida gadget that we patch into the apk does not work, you can use an alternative solution. We extract the apk from the physical phone and install it into a rooted LDPlayer.

Decompiling apk files

Reverse engineering using the apktool

Installing dex2jar and jd-gui

Decompiling an apk file using dex2jar and jd-gui

Understanding the Frida CLI

Understanding the Frida CLI

Simple Frida hello-world script

Simple Frida hello-world script

Frida script to list classes

Frida script to list classes

Frida scripts to list methods and properties

Frida scripts to list methods and properties

Hooking functions and bypassing root detection

Intro to hooking functions

Decompiling apk to identify target function to hook

Hooking functions and modifying them

Dumping function parameters

Dumping function parameters

Re-using app functions in Frida scripts and decrypting passwords

Analyzing app functions

Implementing app functions in frida and decrypting password

Frida and Windows: listing modules

Listing windows modules (DLL libraries) using Frida

Hooking windows MessageBox function

Hooking windows MessageBox function

Modifying the windows MessageBox API

Modifying the windows MessageBox API

Listing windows process functions

Listing windows process functions

Hooking createfile api

Hooking file reading functions

Memory scanning and hacking

Memory scanning and hacking

Additional supplementary lessons on hacking android apps

Additional lessons on android ethical hacking to supplement Frida.

Intercepting http traffic

Installing Burpsuite

Setting Burpsuite proxy for LDplayer emulator

Installing the Insecure Banking app

Intecepting HTTPs traffic

Installing burpsuite CA cert

Modifying network-security-config

Creating keystore signing and intercepting https

Local data storage vulnerabilities

Local data storage vulnerabilities

Exported application component vulnerabilities

Exported application component vulnerabilities

Insecure logging vulnerability

Insecure logging vulnerability

Bypassing root detection using objection

Running Frida scripts after objection root bypass

Bonus Lecture

Bonus lecture.

Save this course

Save Reverse Engineering: Frida for Beginners to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Reverse Engineering: Frida for Beginners with these activities:
Review Basic Java/JavaScript Concepts
Reinforce your understanding of basic Java or JavaScript concepts, as these are helpful (though not mandatory) for understanding Frida scripts and reverse engineering tasks.
Browse courses on JavaScript Fundamentals
Show steps
  • Review online tutorials or documentation on basic syntax, data types, and control flow.
  • Practice writing simple programs or scripts to solidify your understanding.
Read 'Android Security Internals'
Gain a deeper understanding of Android security internals to better contextualize your Frida-based reverse engineering efforts.
View Putting Knowledge to Work on Amazon
Show steps
  • Obtain a copy of 'Android Security Internals'.
  • Read the chapters related to application sandboxing, permissions, and system services.
  • Take notes on key concepts and how they relate to Frida's capabilities.
Practice Hooking Simple Functions
Reinforce your function hooking skills by practicing on simple Android or Windows applications.
Show steps
  • Find or create a simple Android or Windows application with easily identifiable functions.
  • Use Frida to hook these functions and modify their behavior.
  • Experiment with different hooking techniques, such as replacing function arguments or return values.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Read 'Hacking the Art of Exploitation'
Gain a deeper understanding of exploitation techniques to better contextualize your Frida-based reverse engineering efforts.
View Hacking: The Art of Exploitation, 2nd Edition on Amazon
Show steps
  • Obtain a copy of 'Hacking: The Art of Exploitation'.
  • Read the chapters related to memory layout, buffer overflows, and shellcode.
  • Take notes on key concepts and how they relate to Frida's capabilities.
Document Frida Scripts and Techniques
Solidify your understanding by creating documentation or tutorials on specific Frida scripts and techniques you've learned.
Show steps
  • Choose a specific Frida script or technique to document.
  • Write a clear and concise explanation of how the script works and what it accomplishes.
  • Include code examples and screenshots to illustrate your points.
  • Share your documentation with others to get feedback and improve your understanding.
Reverse Engineer a CrackMe
Apply your Frida skills to reverse engineer a CrackMe application and bypass its security mechanisms.
Show steps
  • Find a CrackMe application for Android or Windows.
  • Use Frida to analyze the application's code and identify its security mechanisms.
  • Develop Frida scripts to bypass these mechanisms and unlock the application's hidden features.
Contribute to Frida Scripts
Contribute to open-source Frida scripts or tools to enhance your skills and collaborate with the community.
Show steps
  • Explore existing Frida scripts and tools on platforms like GitHub.
  • Identify areas where you can contribute, such as bug fixes, new features, or improved documentation.
  • Submit your contributions and participate in code reviews.

Career center

Learners who complete Reverse Engineering: Frida for Beginners will develop knowledge and skills that may be useful to these careers:
Reverse Engineer
A reverse engineer analyzes software or hardware systems to understand their design, functionality, and potential vulnerabilities. This course helps build a foundation in dynamic instrumentation using Frida, a crucial skill for reverse engineers. You'll learn to inject scripts into black box processes, hook functions, and trace application code, skills necessary for analyzing and understanding software without source code. The course's hands-on approach, focusing on Android and Windows applications, directly reflects the tasks a reverse engineer routinely performs. Anyone interested in a reverse engineer career should learn how to perform process injection and function hooking.
See salaries and explore the career path for Reverse Engineer
Malware Analyst
Malware analysts examine malicious software to understand its behavior, identify its purpose, and develop methods to detect and neutralize it. This course is highly relevant, as it teaches process injection, function hooking, and bypassing security mechanisms using Frida, all techniques essential for analyzing malware's inner workings. The course content on reversing Android and Windows apps directly translates to real-world malware analysis scenarios. Learning memory scanning and hacking using Frida may improve a malware analyst's ability to dissect sophisticated malware. This course is tailored for those who want to pursue the malware analyst career path.
See salaries and explore the career path for Malware Analyst
Penetration Tester
Penetration testers evaluate the security of computer systems and networks by simulating attacks to identify vulnerabilities. This course helps build skills in dynamic instrumentation and process injection, allowing penetration testers to uncover weaknesses in applications. Learning to hook functions, modify behavior, and bypass security restrictions equips penetration testers with valuable techniques for assessing application security. The course's practical focus on Android and Windows platforms directly aligns with the platforms penetration testers often target. The course may allow penetration testers to gain deeper insights into application vulnerabilities.
See salaries and explore the career path for Penetration Tester
Security Researcher
Security researchers investigate vulnerabilities and security threats in software and hardware systems. This course provides practical skills in dynamic instrumentation using Frida, enabling security researchers to analyze application behavior and identify potential weaknesses. By learning to inject scripts, hook functions, and trace application code, this course helps security researchers develop a deeper understanding of software security. The course's focus on Android and Windows platforms is beneficial, given the prevalence of these systems. You will be better equipped to understand the ways in which an application can be attacked.
See salaries and explore the career path for Security Researcher
Application Security Engineer
An application security engineer focuses on ensuring the security of software applications throughout the development lifecycle. This course helps in understanding dynamic instrumentation and process injection, critical skills for identifying and mitigating vulnerabilities in applications. Learning to hook functions and bypass security restrictions enables application security engineers to assess an app's security posture effectively. The course's emphasis on Android and Windows apps directly aligns with the platforms application security engineers often work with. You may be better equipped to perform static and dynamic analysis of applications.
See salaries and explore the career path for Application Security Engineer
Exploit Developer
Exploit developers research and create code that takes advantage of vulnerabilities in software or hardware. This course offers skills in dynamic instrumentation to uncover and leverage vulnerabilities. The ability to inject scripts, hook functions, and modify behavior using Frida is directly applicable to exploit development. The course's hands-on approach to reversing Android and Windows apps provides practical experience. The course helps build a deeper understanding of security bypasses, which are crucial for effective exploit development. You may better understand the landscape of software exploits.
See salaries and explore the career path for Exploit Developer
Vulnerability Analyst
A vulnerability analyst identifies and assesses security weaknesses in systems, networks, and applications. This course helps build skills in dynamic analysis using Frida, essential for uncovering runtime vulnerabilities. Learning to hook functions, examine parameters, and trace application code helps vulnerability analysts understand how vulnerabilities can be exploited. The course's focus on Android and Windows platforms is directly relevant to vulnerability analysis. The course may lead to a better ability to report and provide remediation guidance for security flaws.
See salaries and explore the career path for Vulnerability Analyst
Security Consultant
Security consultants advise organizations on how to improve their security posture. This course provides insights into dynamic instrumentation and reverse engineering, enabling security consultants to assess application security and provide recommendations for remediation. Understanding how to hook functions, bypass security restrictions, and analyze application behavior is valuable for identifying potential weaknesses. While a security consultant role often requires a broad skillset, familiarity with techniques may set a consultant apart.
See salaries and explore the career path for Security Consultant
Software Developer
Software developers design, code, and test software applications. While not directly related to development, this course may provide developers with a deeper understanding of application security and potential vulnerabilities. Learning about process injection, function hooking, and security bypasses can help developers write more secure code and defend against potential attacks. Gaining insight into the techniques used by reverse engineers and attackers may lead to a more proactive approach to security during the development process. The course helps learn about writing secure software that resists reverse engineering attempts.
See salaries and explore the career path for Software Developer
Firmware Engineer
Firmware engineers develop and maintain the low-level software that controls hardware devices. This course may be useful for firmware engineers who need to analyze or debug existing firmware, especially on Android-based devices. The course's content on process injection, function hooking, and memory scanning may assist in understanding and modifying firmware behavior. Although firmware engineering often requires hardware-specific knowledge, this course can help better analyze the software components of firmware.
See salaries and explore the career path for Firmware Engineer
Technical Support Engineer
Technical support engineers provide assistance to customers experiencing technical issues with software or hardware. This course may provide a deeper understanding of how software functions at a low level, potentially aiding in troubleshooting complex issues. Knowledge of process injection and function hooking may help support engineers diagnose problems related to application behavior or security. Gaining insights into reverse engineering techniques may improve the ability to understand and resolve challenging technical problems. In these roles, the course may help with debug and diagnostic tools as well.
See salaries and explore the career path for Technical Support Engineer
Quality Assurance Engineer
Quality assurance engineers test software and hardware to ensure they meet quality standards. While not a primary skill, this course may provide a broader perspective on software vulnerabilities and potential security issues. Understanding process injection, function hooking, and security bypasses may help quality assurance engineers design more thorough and effective test cases. Gaining insight into reverse engineering techniques can help in finding edge cases and unexpected behavior in software. This course, therefore, may make them a more insightful contributor to the development process.
See salaries and explore the career path for Quality Assurance Engineer
System Administrator
System administrators are responsible for maintaining and managing computer systems and networks. This course may provide insight into potential security vulnerabilities and how attackers might compromise systems. Understanding process injection and function hooking can help system administrators better detect and respond to security incidents. Gaining knowledge of reverse engineering techniques may improve the ability to analyze and understand malware or other malicious software. The course helps with monitoring and securing networked systems.
See salaries and explore the career path for System Administrator
Security Operations Center Analyst
Security Operations Center (SOC) analysts monitor security systems and respond to security incidents. Often, SOC analysts review logs and network traffic to identify malicious activity. While this course does not directly pertain to log review, the skills may help perform deeper investigations of suspicious processes. Learning about process injection and function hooking may allow a SOC analyst to reverse engineer malware samples, but usually this is not a part of their day-to-day duties. A SOC analyst typically does not need to understand Frida.
See salaries and explore the career path for Security Operations Center Analyst
Data Scientist
Data scientists analyze large datasets to identify patterns and trends. This course may provide a unique perspective on security-related data and potential anomalies. While not directly related, understanding reverse engineering techniques could help data scientists analyze malware behavior and identify malicious patterns in network traffic or system logs. Gaining insight into process analysis may improve the ability to detect and prevent security threats. Data scientists may wish to pivot into a security role after.
See salaries and explore the career path for Data Scientist

Reading list

We've selected two books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Reverse Engineering: Frida for Beginners.
Cover image
Putting Knowledge to Work
Save
Provides a deep dive into the Android security architecture. It covers topics such as the Android sandbox, permissions, and security-critical components. While not directly Frida-focused, it provides essential background knowledge for understanding the security mechanisms you'll be bypassing and analyzing with Frida. This book is more valuable as additional reading to provide a deeper understanding of the Android OS.
Putting Knowledge to Work
Paperback
Check
Putting Knowledge to Work
Kindle Edition
Check
Cover image
Hacking: The Art of Exploitation, 2nd Edition
Save
Provides a comprehensive introduction to exploitation techniques. While it doesn't focus specifically on Frida, it covers fundamental concepts like memory layout, buffer overflows, and shellcode that are essential for understanding how to exploit vulnerabilities. This knowledge will enhance your ability to use Frida for more advanced reverse engineering and security research. This book is more valuable as additional reading to provide a deeper understanding of exploitation.
Hacking: The Art of Exploitation, 2nd Edition
Paperback
$$
Hacking: The Art of Exploitation, 2nd Edition
Kindle Edition
$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Effort
5.5 total hours
Via
Udemy
Instructor
Paul Chin, PhD
Language
English
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2025 OpenCourser