v14 by 𝗠𝗘𝗢𝗪𝗻𝗮 💅

changelog-

- Forced PIF FORK to use advance settings
- Switched to silent fingerprint fetching
- WebUI will remember your last used language forever
- Hides debug fingerprint detection
- Hides debug build detection
- Hides debug release key detection
- Integrated inbuilt popup toaser in WebUI
- Added spoofed ksu manager detection
- Dropped key checker
- Re desiged action button & set to auto mode for beginners who don't know what to chose in WEBUI
- Added Simplified Chinese translation in WEBUI thanks @Sullivan_block
- Fixed banner image error in manager for ksun users
- Shipped Integrity Box popup Toaster as user app
- Switched to sha256 + md5 file integrity verification
- Added 2 factor Authentication in keybox updator for user safety
- Updated boot hash noscript
- Debloated unnecessary java noscript codes
- Spoofed popup toaster
- Fixed Dutch language bug in WEBUI
- Drop Termux openssl bins deletions
- Added credits to supporters in WEBUI
- Optimised WEBUI
- Fixed inbuilt spoofing conflict on Pixelage ROM
- Added playstore version check with tutorial fix
- Updated CSS & various (34+) shell noscripts
- Create skip file in internal storage if you want to skip toaster installation
- A few more changes I don't remember + no one cares

SHA256: df34484eb68e2ccecc29b62425053b6ea1c80628beb16b78dfb7012527b0c7ec

Module Features
Pre-Requirements
Preview
Support

• I've updated this apk as well, so try it if you're having issue with play integrity

• For seamless experience, use PIF FORK by osm0sis with official Tricky Store

• Source code will be updated shortly

(I'm too lazy to upload files on GitHub😭)

Source code has been updated 😅

v14 by 𝗠𝗘𝗢𝗪𝗻𝗮 💅

changelog-

• Fixed camera issue

•Added new module indicators: ROM sign indicator, Risky apps indicator, Flagged kernel indicator, Playstore version indicator, TEE indicator

• Introduced configuration to control certain module features

• Module toggle to switch between blacklist & whitelist modes will be enabled by default for magisk users for shamiko / nohello

• Debloated unused codes & cleaned up common noscripts

• Added option to disable custom font in WebUI (more fonts will be added in next update)

• Remote verification can now work without reboot after updating the module

• Updated 2FA & depreciated forced user to reboot to use keybox function after update

• Deprecated popup toaster app

• Deprecated md5 checks

• Dropped local hash verification file (hashes.txt)

• Updated uninstall noscript
moved prop, fingerprint, & aosp keybox to toolbox directory

• Shipped with pixel 8 fingerprint

• Updated cleanup noscript

SHA256: da39f688d27ca99d481ea9fa5bddf6dddcc476d4c4f3ac2e00ab1a8fdfaabc57

Module Features
Pre-Requirements
Preview
Support

v16 by 𝗠𝗘𝗢𝗪𝗻𝗮 💅

[RE-UPLOADED] FIXED UNEXPECTED CRASH ON MAGISK ALPHA

changelog-

• Fixed unexpected delay in action button(noscript) expectation.

• Now default target packages will be updated based on TEE status too, instead of forcing leaf certificate hack mode for devices with non broken TEE

• Disable intro in WebUI by default & added option to re-enable it in WebUI menu.

• Improved Keybox updater.

• Optimised installation noscript.

• Added more configuration flags

• Fixed Lsposed logs spoofing failure

• Replaced simple "echo" outputs with structured logging mechanism for better traceability.

• Added a consistent logging format including timestamp for each log entry to improve readability and debugging.

• Implemented log file capturing using "tee -a" to ensure both console visibility and file persistence of logs.

• Ensured that all network retry attempts are logged with clear retry counters for transparency.

• Improved reliability of network connectivity checks by introducing a maximum retry limit with controlled loop execution.

• Enhanced error handling by introducing explicit exit codes upon failure conditions for better integration with other noscripts.

• Suppressed unnecessary command outputs to keep logs clean and focused only on meaningful information.

• Introduced graceful exit after maximum retry attempts to avoid indefinite loops in case of no internet connectivity.

• Standardized indentation, spacing, and code structure for improved readability and maintainability.

• Consolidated redundant command sequences to simplify the flow and reduce noscript overhead.

• Improved user feedback by ensuring retry attempts and failure messages are displayed consistently.

• Added robust handling of slow or unstable network scenarios to minimize false negatives.

• Ensured compatibility with BusyBox environment by using portable shell syntax.

• Improved overall noscript maintainability by reducing noise and making error handling self-explanatory.

• Strengthened integration readiness by introducing reliable log capturing that can be parsed or shared easily.

• Ensured that no sensitive data or unnecessary verbose output is written into the log files.

• Refined exit behavior to prevent accidental continuation of dependent operations in case of failure.

• Improved noscript resilience under low-resource or high-latency conditions.

• General code cleanup to maintain long-term stability.

• Custom fonts will be added in next update (got no time to find fonts).

• Logs will be zipped automatically, if you face any issue, just send me the log zip file

SHA256: 11e8360bbcc7745276c734c7d4fb86c6dc5be42922a570dbdbd7c79bee0806e3

Module Features
Pre-Requirements
Preview
Support

let's revive some outdated modules.

changelog-

• Replaced Key Checker with Flag Checker
• Merged WebUI noscripts & Action noscript in one noscript
• Redesigned WebUI with card based UI
• Improved live terminal logging
• Whitelisted Pixel Launcher components
• Fixed WebUI compatibility with MMRL
• Dropped meow helper activity dependency for popups

expect a new update in few minutes

v3 by 𝗠𝗘𝗢𝗪𝗻𝗮 💅

A little context about this module for new subscribers in this channel:

i collected more than 70 apps from different aosp roms (vanilla & gapps builds). they keep running in background but the strange part is freezing/disabling them doesn’t affect stability or user experience. the number keeps growing with every android update. and no, it’s not just google apps. even pure vanilla without gapps has a lot of crap. the main goal of this module is to freeze these apps to extend battery life & improve performance.

SHA256: 67c5d364882bd3489249d833e2e5e67ca00418350e4d94ddd0eb3940b30cb2e5

changelog

I Need to Talk About Something Serious (Magisk & KSU Vulnerability)

I’m creating a temporary discussion group linked to this channel and would really appreciate your suggestions.

Please keep the group respectful and focused. Each member can post only one message every 1 hours, so think carefully before you send it (you can always edit your message later).

I’ve never reported a sensitive vulnerability before, and honestly, I’m not sure how to do it right. That’s why I need your help and advice

Let’s keep the group free from drama and behave like adults. Thanks for understanding!

I Need to Talk About Something Serious (KernelSU-Magisk Vulnerability)

A few months ago, I found a serious vulnerability in Magisk & KSU (and their forks). This flaw gives full root access to an attacker, meaning they can control your device completely, inject malicious code, install trackers, or even brick it permanently. Basically, anything which is possible with root access, And it’s very easy to exploit.

What makes it worse is that this exploit can work like either rat poison or sweet poison it can either harm your device instantly, or it could be damaging it silently right now without your knowledge. I don’t want to give too many hints, but honestly, this is more dangerous than any exploit I’ve seen so far.

At the time, I didn’t report it because it’s shockingly easy to exploit, and I was honestly scared that if the wrong person saw it before it got fixed, it could cause serious damage to a lot of people. I’ve tried different ways to block or patch it on my end, and while I did find a workaround, but it's just a temporary band-aid, not a solution.

I’m genuinely worried about this. I don’t want to be the reason something bad happens, but I also don’t want to stay silent if the damage is still possible

Now I’m stuck and really need your advice:

Should I report this vulnerability now?
Or should I wait knowing someone else might already be exploiting it and risk a mass attack on rooted devices? Or should I raise awareness about how it works and how people can protect themselves from becoming victims

Please share your thoughts. Your suggestions will help me decide the best way forward.

Also, please don’t DM me asking what the vulnerability is😬 If I felt it was safe to share, I would’ve already. Thanks for understanding.

~ Regards @MeowDump