DroidGuard

November 11, 2021

This is a PoC that shows basic integrity bypass without MagiskHide by modifying the execution of DroidGuard.

Here are, for instance, some modules detected by DroidGuard:

frida-agent-32.so
frida-agent-64.so
libarthook_native.so
libfrida-gadget.so
libmemtrack_real.so
librfbinder-cpp.so
libriru_edxp.so
libriru_edxposed.so
libriru_snet-tweak-riru.so
libsandhook-native.so
libsandhook.edxp.so
libsandhook.so
libva++.so
libva-native.so
libwhale.edxp.so
libxposed_art.so