MASTG-TECH-0033: Method Tracing

In contrast to method profiling, which tells you how frequently a method is being called, method tracing helps you to also determine its input and output values. This technique can prove to be very useful when dealing with applications that have a big codebase and/or are obfuscated.

If you prefer a GUI-based approach you can use tools such as RMS Runtime Mobile Security which enables a more visual experience as well as include several convenience tracing options.

If you prefer the command line, Frida offers a useful syntax to query Java classes and methods as well as Java method tracing support for frida-trace via -j (starting on frida-tools 8.0, Frida 12.10).

  • In Frida scripts: e.g. Java.enumerateMethods('*youtube*!on*') uses globs to take all classes that include "youtube" as part of their name and enumerate all methods starting with "on".
  • In frida-trace: e.g. -j '*!*certificate*/isu' triggers a case-insensitive query (i), including method signatures (s) and excluding system classes (u).

Refer to the Release Notes for Frida 12.10 for more details on this new feature. To learn more about all options for advanced usage, check the documentation on the official Frida website.