-
Notifications
You must be signed in to change notification settings - Fork 953
Features
Megladon edited this page Jan 30, 2026
·
3 revisions
Supporting both iOS and Android and having new features and improvements added now and then as the tool is used in real world scenarios, the following is a list of key features:
objection allows you to:
- Patch iOS and Android applications, embedding a Frida gadget that can be used with objection or just Frida itself.
- Interact with the filesystem, listing entries as well as upload & download files where permitted.
- Perform various memory related tasks, such as listing loaded modules and their respective exports, dumping memory, and replacing memory contents.
- Attempt to bypass and simulate jailbroken or rooted environments.
- Discover loaded classes and list their respective methods.
- Perform common SSL pinning bypasses.
- Dynamically dump arguments from methods called as you use the target application.
- Interact with SQLite databases inline without the need to download the targeted database and use an external tool.
- Execute custom Frida scripts.
- Monitor and analyze implicit intents with optional backtrace support.
- Use pattern-based hooking for dynamic instrumentation.
- Manage jobs with improved job handling capabilities.
objection includes the ability to:
- Dump the iOS keychain, and export it to a file.
- Update and remove items from the iOS keychain.
- Dump data from common storage such as NSUserDefaults and the shared NSHTTPCookieStorage.
- Dump various formats of information in human readable forms.
- Bypass certain forms of biometric authentication restrictions (TouchID/FaceID).
- Watch for method executions by targeting all methods in a class, or just a single method.
- Monitor the iOS pasteboard.
- Dump encoded .plist files in a human readable format without relying on external parsers.
- Use pattern hooking to match multiple methods dynamically.
- Monitor CommonCrypto operations in real-time.
- Bypass JailMonkey and other jailbreak detection mechanisms.
objection includes the ability to:
- List the applications Activities, Services and Broadcast receivers.
- Start arbitrary Activities available in the target application.
- Watch a class method, reporting execution as it happens with support for specific method overloads.
- List Android keystore details.
- Watch keystore usage to reveal passwords used when accessing items.
- Bypass RootBeer and other root detection libraries.
- Use pattern hooking to match multiple methods dynamically.
- Set application-specific proxy settings without affecting the entire OS.
- Deoptimize code to force execution through the interpreter for improved hook reliability.
- Analyze implicit intents with detection and optional backtrace support.
Note: This list reflects the functionality available in objection 1.12.0. There have been significant changes between versions 1.11.0 and 1.12.0, including numerous bug fixes, new bypass techniques, improved patcher functionality, and quality-of-life improvements. For the complete changelog, see the full comparison on GitHub.
To view all releases and their detailed changelogs, visit the objection releases page.