pip3 install frida-tools
Library injection example Custom library injection
./neomorph.py -p 31337 -m inject -e libcustom.so -x entry_function Function interception
./neomorph.py -p 31337 -m intercept -e 0x13371337 SSL interception
./neomorph.py -p 31337 -m intercept -e SSL_write./neomorph.py -p 31337 -m intercept -e SSL_read Remote host SSL interception (package)
./neomorph.py -H 192.168.1.9:2313 -P org.mozilla.firefox -m intercept -e SSL_write -A 1 -s 10240 -O term Compile the program
Start the program
Spoof (string)
./neomorph.py -p 1337 -m spoof -e" 0x7ffff7270eb0" " hack the planet" Spoof (hex)
./neomorph.py -p 1337 -m spoof -e" 0x7ffff7270eb0" " 68 61 63 6b 20 74 68 65 20 70 6c 61 6e 65 74 00" Spoof (mnemonic) - pip3 install capstone keystone
./neomorph.py -p 1337 -m spoof -e" 0x7ffff7270eb0" " push r12; push r9; push r10; push rax; pop r12; pop rbx; push rax; mov eax, 0" ./neomorph.py -p 1337 -j file.js Pattern search
./neomorph.py -p 1337 -m pattern -e" hello world" Dump on remote host
./neomorph.py -p 1337 -m dump -H 192.168.2.8:9443 -e" 0x7f1ea3dbb683" Dump by pattern
./neomorph.py -p 1337 -m dump -e" hello world" Dump by pattern (hex)
./neomorph.py -p 1337 -m dump -e" 68 65 6c 6c 6f 20 77 6f 72 6c 64 21 21 21 21 00" Searching functions and disasm
./neomorph.py -p 1337 -m resolve -e freestyle./neomorph.py -p 1337 -m dump -e 0x55fe33c87740 -O asm Dumping functions
./neomorph.py -p 1337 -m dump -e freestyle -O asm Export enum
./neomorph.py -p 1337 -mexport -e libssl.so Export enum with filter
./neomorph.py -p 1337 -mexport -e libssl.so -xread