Guide to the Objection framework for mobile application pentesting, part 1
Have you decided to test the security of a mobile app using Objection? You’ve rooted your Android phone, installed Objection, launched the frida-server, but you’re not sure where to start? This is the guide for you!
In this series of guides, which I will publish periodically, I’ll explain step by step how to use the Objection framework to test your mobile app! Be sure to follow me if you don’t want to miss any updates!
In this first part of the guide, you will learn how to connect to Objection remotely and via USB cable, how to list the files inside folders, how to bypass pinning and root detection, and how to take a screenshot using the features of this tool.
So, you’ve already started your good old frida-server, connected with adb, and you’re ready to test a mobile app. If you haven’t figured out how to install frida-server, feel free to leave a comment: I’ll be happy to publish a guide for you 😊
This guide assumes your device is rooted. If you want to use Objection on a non-rooted Android device instead, you can follow my guide here:
https://medium.com/p/29aefe569058