Frida Cheatsheet#
Installation (iOS/iPhone 6s)#
To get Frida working on this device you need the specific package frida_17.7.0_iphoneos.deb, see https://github.com/frida/frida/releases.
# Install
scp frida_17.7.0_iphoneos-arm.deb [email protected]:/var/root/
ssh [email protected]
dpkg -i /var/root/frida_17.7.0_iphoneos-arm.deb
# Install via SSH (General alternative)
ssh root@<device-ip>
apt update
apt install re.frida.server
# Start frida-server
frida-server -l 0.0.0.0 &
# or explicitly:
/usr/sbin/frida-server -l 0.0.0.0
# Verify it's running
ps aux | grep frida
Process Enumeration#
| Command | Description |
|---|
frida-ps | List running processes on the local host. |
frida-ps -U | List processes on the connected USB device. |
frida-ps -H <host:port> | List processes on a remote device. |
frida-ps -Uai | List installed applications (Android/iOS). |
frida-ps -Ua | List all installed applications. |
Attaching & Execution#
| Command | Description |
|---|
frida -n <name> | Attach to a process by name. |
frida -p <pid> | Attach to a process by PID. |
frida -f <app_id> | Spawn (launch) the application and attach immediately. |
frida -U -f <app_id> -l script.js | Spawn app on USB device and load a script. |
frida -n <name> -l hook_script.js | Attach to process and load a JavaScript file. |
frida -n <name> -e "console.log('Hi')" | Attach to process and execute inline JavaScript code. |
frida -U -f <app_id> --no-pause | Spawn app and automatically resume execution (no pause). |
Remote Debugging#
| Command | Description |
|---|
frida -H <host>:<port> -n <name> | Attach to a process on a remote device. |
frida -H 192.168.1.100:27042 -f com.app | Spawn an app on a remote device via IP/Port. |
CLI Utilities#
| Command | Description |
|---|
frida-trace | Trace function calls (generates stubs handlers). |
frida-discover | Discover internal functions called by the app. |
frida-kill | Kill a specific session or process. |
frida-ls-devices | List all connected Frida devices. |
Resources:#