iOS Frida Instrumentation Detection Implemented
iOS Frida Instrumentation Detection Implemented
Description
The application detected and responded to Frida-based dynamic instrumentation on iOS.
This indicates that the application includes runtime resilience controls intended to identify instrumentation through Frida or Frida Gadget and to react when those conditions are observed. In practice, this can raise attacker cost by making runtime observation, hook-based bypasses, and live tampering more difficult.
This result is informative rather than absolute. Frida detection can improve resilience, but it does not guarantee resistance to all runtime tampering techniques, custom instrumentation builds, or bypasses. High-value trust decisions should still be enforced server-side.
Recommendation
This entry is informative, no recommendations applicable.
Links
- OWASP MASVS - MASVS-RESILIENCE-4
- OWASP MASTG - Hardening Against Runtime Hooking
- OWASP MASTG - Hardening Against Reverse Engineering Tools
- Frida - Gadget
- Apple Developer - Establishing your app's integrity
Standards
- OWASP_MASVS_RESILIENCE:
- MSTG_RESILIENCE_4
- OWASP_MASVS_v2_1:
- MASVS_RESILIENCE_4
- PCI_STANDARDS:
- REQ_6_2
- REQ_6_3
- SOC2_CONTROLS:
- CC_7_1
- CC_7_2
- HIPAA_CONTROLS:
- SECURITY212
- SECURITY213
- OWASP_MOBILE_TOP_10:
- M7_2024