Expand description
Gum bindings for Rust
Gum provides a number of utilities for instrumenting binary applications,
and traditionally is consumed via the JavaScript API known as GumJS.
This crate aims to provide a complete interface to the instrumentation
API provided by Gum, rather than GumJS (s.t. these bindings exclude the Java and ObjC
modules).
§Quick Start
First, ensure that your platform is supported by Gum. You can find a listing of
development kits on the Frida releases page.
To get started using Gum, you need to obtain a global Gum object; this is required
to safely ensure that Gum has been properly initialized as required. Next, you are
free to use any available APIs, such as the stalker::Stalker:
use frida_gum::{Gum, stalker::{Stalker, Transformer}};
#[cfg(feature = "event-sink")]
use frida_gum::stalker::NoneEventSink;
use lazy_static::lazy_static;
lazy_static! {
static ref GUM: Gum = unsafe { Gum::obtain() };
}
fn main() {
let mut stalker = Stalker::new(&GUM);
let transformer = Transformer::from_callback(&GUM, |basic_block, _output| {
for instr in basic_block {
instr.keep();
}
});
#[cfg(feature = "event-sink")]
stalker.follow_me::<NoneEventSink>(&transformer, None);
#[cfg(not(feature = "event-sink"))]
stalker.follow_me(&transformer);
stalker.unfollow_me();
}Modules§
- Function hooking engine.
- Code tracing engine.
Structs§
- Platform-dependent access to processor state.
- Module export details returned by
Module::enumerate_exports. - The file association to a page.
- Context required for instantiation of all structures under the Gum namespace.
- Module details returned by
Module::enumerate_modules. - Details a range of virtual memory.
- Module symbol details returned by
Module::enumerate_symbols.
Enums§
- Custom
Errorfor Frida - The memory protection of an unassociated page.