Releases: Ch0pin/medusa
v3.9.6
What's Changed
- Add MCP server
- Update Facebook SSL Pinning Bypass by @dhtzs in #122
- Fix: Escape newlines in Facebook SSL Pinning Bypass by @dhtzs in #123
- Fix: Resolve string escaping errors in http_communication modules by @dhtzs in #124
- fix(mango): reset total_deep_links to prevent duplicate entries by @tomsec2 in #127
- Reset scratchpad on exit by @Anas35 in #132
Full Changelog: v3.2.0...v3.9.6
Medusa Version 3.2.0
What's Changed
- Update natives.py by @rloretan in #106
- Fix OkHttp3 module ClassNotFoundException - Resolves #45 by @subhobhai943 in #114
- Add database migration guide for Mango compatibility - Fixes #88 by @subhobhai943 in #113
- Improve show command robustness and UX by @dhtzs in #118
- Add deprecated API support for backward compatibility by @saullocarvalho in #119
- Fix exception when running in non-interactive mode by @mpeck12 in #120
New Features & Improvements
- Manifest diffing across app versions
  Easily compare Android manifests between builds to identify changes in permissions, components, and security-relevant attributes.
- Multi-session Medusa support
  Run multiple Medusa sessions simultaneously, enabling parallel dynamic analysis across apps or processes.
New Contributors
- @rloretan made their first contribution in #106
- @subhobhai943 made their first contribution in #114
- @dhtzs made their first contribution in #118
- @saullocarvalho made their first contribution in #119
- @mpeck12 made their first contribution in #120
Many thanks to @actuator for his sponsorship!
Full Changelog: v3.1.0...v3.2.0
Medusa Version 3.1.0
Summary
- Frida ≥ 17.0.0 compatibility
- iOS WebViews: Web Inspector
  Enable the Web Inspector for iOS WebViews (commit dda43c4).
- Null checks in Broadcast module
  Prevent crashes by adding null-safety when inspecting Intent extras (commit c3f06a2).
- Firebase settings output
  Mango now prints an app's Firebase configuration when available (commit 4ea3b2c).
- New modules: amazon_aws_keys, chrome_custom_tabs
  Automatically hunt for AWS credentials and Chrome custom-tabs endpoints (commit f63d1c5).
- SQLite Monitor
  A brand-new script to watch and log SQLite database activity (merged in f33a2d5/3443c0f).
Changed
- dump_ios_url_scheme improvements
  Handle multiple URL schemes and fix edge-case parsing (commit 0c3d027).
- iOS deeplinks module
  Refined to support deeper app-specific URI formats (commit a9fe33a2).
- Run -t now uses pid instead of epid
  More reliable attachment to topmost process (merge 2fc139f).
- Sensitive-URI keyword highlighting
  Added keywords to flag dangerous query parameters and Intent extras in your output (commit 72d925b).
- WebView hook refinements
  Improved class detection in obfuscated Android apps (merge f33a2d5 / commit 2144646).
- Agent-script character-fix
  Resolves a stray character that previously broke script injection (commit f821244).
- Root-detection bypass
  Now works against jail-monkey and React Native root checks (commit 8fdb420).
Fixed
- TruffleHog missing-install error
  Gracefully warns if TruffleHog isn't present, instead of crashing (commit 2d61151).
- Fragment-hooks robustness
  Improved handling of obfuscated Fragment class names and lifecycle methods (commit d104a905).
- Broadcast-module NPE
  Added safeguards to prevent null-pointer in edge-case Intents (commit c3f06a2).
Medusa Version 3.0.0
Summary
This release delivers significant upgrades to Medusa and Mango, enhancing both their capabilities and usability. Medusa now supports dynamic module configuration via the options command, provides clearer output for class hooking, and includes new modules to extend its functionality. Mango has been enhanced with tools like TruffleHog for identifying secrets within APK assets and expanded its exposure interface to include Firebase-related keys for deeper analysis.
Release Highlights
Medusa
- Dynamic Module Configuration: Modules can now be customized dynamically using the options command.
- Enhanced Hooking Output: The hook -a command now provides much clearer output when hooking all functions of a class.
- New Modules and Updates: Additional modules have been added, and existing ones have been improved for better functionality.
Mango
- Firebase Key and Configuration Display: The show exposure command now reveals Firebase-related keys and relevant information.
- Secret Scanning via integration with TruffleHog: Integration with TruffleHog enables storing secrets in the application's database and displaying them with the show secrets command.
- Off-Market Installations: Support for installing off-market formats such as APKS, XAPK, ZIP, and other file types using the installmultiple command.
Medusa Version 2.9.0
Summary
This version brings significant enhancements, particularly to Mango, which now includes device assessment capabilities. Specifically, Mango can process a batch of APKs within a specified directory by importing them, displaying a summary of their exposure levels, showing special permissions, and more. Many thanks to @alright21 for contributions to this release, including features related to installing, pulling, and patching multiple APKs.
Features and Improvements
Mango
- Exposure Summary: Display existing applications based on their exported components, indicating the exposure level of each app.
- Permission Display: Show potential permissions when an exported component is protected.
- Split APK Support: Added capability to pull split APKs in addition to the base APK.
- Debug Flag Modification: Modify the debug flag for APK bundles.
- Bulk APK Installation: Install multiple APKs simultaneously.
Medusa
- Module Enhancements: Improved various modules for better clarity and performance.
Bug Fixes
- Manifest Parsing: Fixed multiple issues that caused Mango to abort during manifest parsing.
Medusa Version 2.8.6
Features and Improvements:
- Module Improvements: Improved various modules for better performance and reliability.
- Socket Server Support: Introduced support for socket server.
- Logging and Configuration: Adjusted mango logging configuration, improved logging details, such as device ID display in prompts.
- Permission and Activity Reporting: Enhanced reporting for application permissions, added reporting for root activity and development frameworks (Xamarin, ReactNative, Ionic, Flutter).
- Intent Redirection: Enhanced functionality to redirect intent to a new activity.
- Keyword and Filter Updates: Added and refined keywords for better filtering and reporting.
- Module Output and Interaction: Improved output of modules, including handling for jetpack internal fragment exposure.
Bug Fixes:
- Fixed multiple bugs, including typos, string format issues, and residual code removal.
- Resolved issues with search command and module crashes.
- Addressed issues in non-interactive mode to prevent session hang.
Medusa Version 2.4.6
This release includes a wide range of improvements and fixes that enhance the functionality and reliability of our tool. Here are the highlights:
Features and Improvements:
- Non-Interactive Mode: Run Medusa in a non-interactive mode for streamlined operations.
- Net_URI Module Improvement: Enhanced the net_uri module for better performance.
- DNS Logger: Introduced a DNS logger for improved network monitoring.
- Dependency Updates: Updated the apktool dependency to address CVE-2024-21633 and made adjustments to the google_trans_new dependency for better stability.
- Command Enhancements: Made significant improvements to the get command for better display of list values.
- Logging and Optimizations: Reduced logs in android_core and optimized logging headers. Also, introduced more efficient logcat improvements.
Fixes:
- Bug Fixes: Addressed a critical bug introduced in a previous commit that affected app deletion from the database. Fixed various issues including typos, variable conflicts, and spacing issues.
- Refactor and Cleanup: Conducted a thorough refactor of the codebase, including the use of local utilities, f-string updates, and PEP-8 compliant spacing for improved readability and maintainability.
- Security and Stability: Made module adjustments and root script touch-ups for enhanced security and application stability.
- Codebase Cleanup: Removed unused imports, updated conditional statements, and simplified expressions for cleaner and more efficient code.
- License Update: Updated the license information to reflect current standards and compliance.
Huge shout-out to @jxdv, @alright21 and @giorgosioak for their valuable contributions!
Medusa Version 2.0.0
Release Notes for Version 2.0.0
Excited to announce the release of Medusa version 2.0.0, which includes several important updates, improvements, and bug fixes. Here's what's new:
- Added iOS support
  iOS support, allowing you to use Medusa for both Android and iOS app analysis and security testing.
- Mango to report on static evasion tactics
  - Handle APKs that employ static analysis evasion methods.
  - Report, during an import, whether a static analysis evasion method was used or not.
  Shout out to @erev0s for the contribution!
- Keep notes with mango
  Mango supports adding notes for each imported application.
- Module Enhancements
  Numerous modules have undergone enhancements and new additions. Below is a concise overview of the key updates:
  - Improved the screencap module for better performance and usability. Shout out to @giorgosioak for contributing to this enhancement.
  - New SSL unpinning module, thanks to @Devang-Solanki.
  - Enabled debug mode during WebView initialization, providing enhanced debugging capabilities when working with WebView components.
  - Better intent monitoring.
  - The agent script was enhanced with additional capabilities.
  - Lots of new modules, including cookiemanager hooks to monitor cookie manual set/get.
Medusa 1.2.4
Added features
New modules:
- bundle_trace_get_methods
- fragment_hook_basics
New features:
- Add or remove modules while on active Frida session (by entering suspension mode -sus-)
- Highlight interesting intent extras
- memscan can "attach" to a running process
- support for nuclei templates scan
- hook a process by pid
- import an installed app to mango. Improved the list command in order to filter package ranges
Fixes:
- hook natives fix was causing errors in the final script
- intercept setWebContentsDebuggingEnabled to prevent apps from manually setting it to false
- Bugfix in hook_webviews.med which prevented the webview from loading a page
Medusa 1.1.0
New Features:
You can now save a subset of modules and load/unload them during your session.
Save:
medusa> session --save module_set_1
medusa> session --save module_set_2
Restore:
medusa> session --load module_set_1
Delete:
medusa> session --del module_set_1
Other Changes:
Added many new modules.
Thank you for using Medusa! We hope you find the new version useful and look forward to your continued support and feedback.


