Monitor and log all interactions with the iOS Keychain by hooking key Security framework APIs: SecItemAdd, SecItemCopyMatching, SecItemUpdate, and SecItemDelete. These APIs are responsible for adding, retrieving, updating, and removing sensitive data (such as passwords, tokens, or cryptographic keys) stored in the Keychain.
Frida iOS script that hooks both - openURL: and - openURL:options:completionHandler: and prints the opened URLs.
This Frida script hooks into Appleās CoreLocation framework to simulate a moving GPS location on iOS apps. It intercepts CLLocationManager methods and continuously delivers fake location updates that appear as if the device is walking randomly within a defined area.
Hooks sqlite3_prepare, sqlite3_prepare_v2, sqlite3_prepare_v3, sqlite3_prepare16, sqlite3_prepare16_v2, sqlite3_prepare16_v3
A Frida script that hijacks -[CLLocation coordinate] and returns spoofed GPS coordinates. It exposes simple movement helpers (right, left, up, down) that move the spoofed position by a configurable distance (default 50 m) and re-install the spoofed coordinate.