A powerful Frida script that bypasses common Android security detections and restrictions.
Root Detection Bypass - Hides root/su binaries, Magisk, and root management apps SSL Pinning Bypass - Intercepts and bypasses SSL certificate pinning Emulator Detection Bypass - Spoofs device properties to appear as real device Debug Detection Bypass - Prevents apps from detecting debugging tools
- Rooted Android device or emulator
- Frida installed on your computer
- Frida-server running on the Android device
- Python 3.x (for Frida installation)
pip install frida-tools
Check your device architecture
adb shell getprop ro.product.cpu.abi
https://github.com/frida/frida/releases
adb push frida-server /data/local/tmp/
adb shell chmod 755 /data/local/tmp/frida-server
adb shell su -c /data/local/tmp/frida-server &
Spawn and hook application
frida -U -f com.example.app -l FridaBypassKit.js
This script has been tested and works with many applications that implement:
- Root detection (RootBeer, SafetyNet, custom implementations)
- SSL pinning (OkHttp, custom TrustManagers)
- Emulator detection
- Anti-debugging techniques
- Hooks File.exists() to hide su binaries
- Intercepts Runtime.exec() calls for root checks
- Hides root-related packages from PackageManager
- Modifies system properties to appear unrooted
- Hooks TrustManagerImpl.verifyChain() method
- Hooks TrustManagerImpl.checkTrustedRecursive() method
- Bypasses certificate chain verification
- Returns empty certificate chains to avoid validation
- Works with most Android SSL implementations including OkHttp, Retrofit, and custom implementations
- Spoofs telephony manager values
- Returns fake phone numbers and operator names
- Modifies build properties
- Hooks Debug.isDebuggerConnected()
- Prevents debugger detection
- Bypasses anti-debugging checks
This tool is for educational and research purposes only. Users are responsible for complying with applicable laws and regulations. The authors are not responsible for any misuse or damage caused by this tool.