Android Native Library Protection Project
by @aantik_mods
I am working on a new system that protects Android native libraries .so files in a safe way.
The goal is simple: the app will run normally, but the library file will look completely changed when someone tries to open it.The protector does not touch any important parts of the ELF file.It keeps .text, PT_LOAD, entry point, GOT/PLT, dynamic table and all runtime data safe.
So the library never crashes inside the app.The changes happen only in non-critical areas.
The tool adds many junk sections, splits rodata into many parts, changes section names, adds fake text blocks, increases alignment and mixes the order of sections.Because of this, the full library looks different from the original one.If anyone opens both files in a hex viewer or diff tool, every part looks changed.IDA and Ghidra also get confused because the layout becomes very chaotic, but the real code still works normally.This project is made to slow down reverse engineering while keeping the app 100% stable.
More updates and improvements will come soon
🔫 Lib compare or copycat public gone soon No need any CUSTOM Lib loader
by @aantik_mods
I am working on a new system that protects Android native libraries .so files in a safe way.
The goal is simple: the app will run normally, but the library file will look completely changed when someone tries to open it.The protector does not touch any important parts of the ELF file.It keeps .text, PT_LOAD, entry point, GOT/PLT, dynamic table and all runtime data safe.
So the library never crashes inside the app.The changes happen only in non-critical areas.
The tool adds many junk sections, splits rodata into many parts, changes section names, adds fake text blocks, increases alignment and mixes the order of sections.Because of this, the full library looks different from the original one.If anyone opens both files in a hex viewer or diff tool, every part looks changed.IDA and Ghidra also get confused because the layout becomes very chaotic, but the real code still works normally.This project is made to slow down reverse engineering while keeping the app 100% stable.
More updates and improvements will come soon
Please open Telegram to view this post
VIEW IN TELEGRAM
❤7👌5😍2
Media is too big
VIEW IN TELEGRAM
😣 The internal stub.a is embedded. I’m aware that some developers try to dump process memory to recover the original lib.so, but for my scenario this approach is not feasible
1❤7❤🔥2😍1
Media is too big
VIEW IN TELEGRAM
Google加固 Apks split vdex Injection Objectlogger
Main idea Directly inject the ObjectLogger into base_split1.vdex.
✅ No need to replace base.apk
✅ No need to manually add ObjectLogger
✅ Works with paired APKs
😁 No need to convert APKs or edit the APK files at all
Main idea Directly inject the ObjectLogger into base_split1.vdex.
✅ No need to replace base.apk
✅ No need to manually add ObjectLogger
✅ Works with paired APKs
😁 No need to convert APKs or edit the APK files at all
🤓15❤🔥8👀5
lib(so) control flow BETA.apk
19.5 MB
lib.so obfuscation tools
FEATURE ---[/]
LZMA ultra compression
Custom stub injection
Fake segments
Section confusion
Dynamic table shred
Extra anti-Ghidra patch
Anti-Frida optimized
For ARM64 APK, you must enable this option before patching with Android Shield
Author - @RevDex
Dev - @aantik_mods
FEATURE ---[/]
LZMA ultra compression
Custom stub injection
Fake segments
Section confusion
Dynamic table shred
Extra anti-Ghidra patch
Anti-Frida optimized
For ARM64 APK, you must enable this option before patching with Android Shield
Author - @RevDex
Dev - @aantik_mods
🤯12❤8😍5
ЯevDex
lib(so) control flow BETA.apk
Bro I didn’t get any comments from anyone. please let me know what’s going on. at least give me one feedback is it working or not? And tell me which part needs improvement
🤔I guess 90% of them are my haters that’s why no one is giving any feedback
🤔I guess 90% of them are my haters that’s why no one is giving any feedback
🤓7🤯3👀2
hijack okhttp3 @aantik_mods.zip
2.4 KB
Api response hijack
🐛 watcher
🐛 overwriter
Tutorial soon 😁👍
Modded by @RevDex
Dev - @aantik_mods
https://www.youtube.com/watch?v=s3O8Ek50Bu0
🐛 watcher
🐛 overwriter
Tutorial soon 😁👍
Modded by @RevDex
Dev - @aantik_mods
https://www.youtube.com/watch?v=s3O8Ek50Bu0
❤12
MenaVpn hijack system injected mod.apk
58.9 MB
Modded by @RevDex
Tutorial: https://www.youtube.com/watch?v=s3O8Ek50Bu0
This is a React Native app, but the OkHttp3 system says I don’t care, bro. 😁🤡🤦
Tutorial: https://www.youtube.com/watch?v=s3O8Ek50Bu0
This is a React Native app, but the OkHttp3 system says I don’t care, bro. 😁🤡🤦
❤6🤯5🤓1
When I checked the app, first I saw it was making a PHP request. But after that request finished, I noticed more PHP requests happening, like
So I tried
After that, I opened Android Studio and loaded
Then, using a special technique, I bypassed the iframe restriction and successfully injected my own JavaScript.
I changed
free → pro
false → true
And premium got fully unlocked. No ads, all pro features activated.
Finally, I created my own custom Android app, loaded their original WebView, injected custom JS, and completely bypassed their premium system
https://play.google.com/store/apps/details?id=com.pixta.thumbnailmaker 😐
getaccount_V15.php. I searched the whole APK, every folder, every smali file, but I couldn’t find these PHP request URLs anywhere. Then I understood something was fishy in their main system.So I tried
index_v15.php. Inside that, I found a hidden schema which was connected with the app. I opened it using the browser developer tools, and then I was shocked— all the premium features, account login, account check, everything was fully controlled from one JavaScript file. At that moment, everything became clear to me.After that, I opened Android Studio and loaded
index_v15.php inside a WebView. I tried to hook the JavaScript and change some values to unlock premium. But then I understood the real problem: the JS was running inside an iframe. When JavaScript runs inside an iframe, you cannot directly hook or modify it using normal JS injection. So my injected noscript was not working.Then, using a special technique, I bypassed the iframe restriction and successfully injected my own JavaScript.
free/431075/PIXTA FREE ACTIVE/false/
pro/431075/PIXTA PRO ACTIVE/true/
I changed
free → pro
false → true
And premium got fully unlocked. No ads, all pro features activated.
Finally, I created my own custom Android app, loaded their original WebView, injected custom JS, and completely bypassed their premium system
https://play.google.com/store/apps/details?id=com.pixta.thumbnailmaker 😐
❤6🤯3😍3
Forwarded from Android Security & Malware
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-noscripts-fail-bd3d04489088
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-noscripts-fail-bd3d04489088
Medium
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
In this article, I’ll walk you through my journey in intercepting HTTPS traffic from a APK based on Flutter during a pentesting engagement…
❤8
Antik Emulator Bypass UID FF.zip
6.7 KB
Emulator Bypass Free Fire ( Redirect Api)
Reverse Engineering ( Online Game)
adb push mitmproxy-ca-cert.crt /system/etc/security/cacerts/9a5ba575.0
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0
settings get global http_proxy
settings put global http_proxy 127.0.0.1:20010
adb shell settings put global http_proxy ""
http://mitm.it
Must need adb enable BlueStacks or others emulator
Reverse Engineering ( Online Game)
adb push mitmproxy-ca-cert.crt /system/etc/security/cacerts/9a5ba575.0
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0
settings get global http_proxy
settings put global http_proxy 127.0.0.1:20010
adb shell settings put global http_proxy ""
http://mitm.it
Must need adb enable BlueStacks or others emulator
❤7🤯4
Forwarded from jige li
https://github.com/mawo95/pairip
兄弟,你可以试试看这个项目吗😁
兄弟,你可以试试看这个项目吗😁
GitHub
GitHub - mawo95/pairip: Google Pairip protection bypass newest update 2026
Google Pairip protection bypass newest update 2026 - mawo95/pairip
❤11🤓1
Mod-Menu-Survival Simulator.7z
2.8 MB
Mod Menu for Survival Simulator project
✔️ Aimbot
✔️ ESP
✔️ Telekill
✔️ Mask Kill
✔️ 360° Auto-Aim
✔️ Fly Mode
✔️KickPlayer
✔️KickRPC
no java fully imGUI ESP
C++ HOOK BY - @aantik_mods
Survival Simulator 0.2.3
✔️ Aimbot
✔️ ESP
✔️ Telekill
✔️ Mask Kill
✔️ 360° Auto-Aim
✔️ Fly Mode
✔️KickPlayer
✔️KickRPC
no java fully imGUI ESP
C++ HOOK BY - @aantik_mods
Survival Simulator 0.2.3
❤8🤯2❤🔥1