[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-75587":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":14,"stars7d":16,"stars30d":17,"stars90d":15,"forks30d":15,"starsTrendScore":18,"compositeScore":19,"rankGlobal":10,"rankLanguage":10,"license":20,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":25,"readmeContent":26,"aiSummary":27,"trendingCount":15,"starSnapshotCount":15,"syncStatus":28,"lastSyncTime":29,"discoverSource":30},75587,"noxen","frankheat\u002Fnoxen","frankheat","Android interception tool for component communication and attack-surface mapping","",null,"JavaScript",116,12,1,0,4,71,3,54.44,"GNU General Public License v3.0",false,"main",true,[],"2026-06-12 04:01:18","\u003Cp align=\"center\">\n  \u003Cimg src=\"assets\u002Flogo.svg\" width=\"400\">\n\u003C\u002Fp>\n\nAndroid runtime interception for security research. noxen uses **Frida** to hook Java\nmethods in a running Android process and map how app components communicate at\nruntime. It captures attack-surface events such as `android.content.Intent` objects,\nthen lets you inspect, modify, forward, or drop them from a terminal UI.\n\n![Python](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3.10+-blue)\n![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-GPLv3-green)\n\n![noxen Home tab](assets\u002Fscreenshots\u002Fhome.png)\n\n## What It Does\n\n- Helps map component communication and attack-surface behavior at runtime.\n- Intercepts common Android runtime entry points such as `getIntent`, `startActivity`,\n  `sendBroadcast`, `startService`, and `PendingIntent` creation paths.\n- Shows action, component, data URI, flags, categories, extras, PendingIntent flags,\n  optional Java stack traces, and attack-surface labels where available.\n- Lets you modify intent action, data, categories, flags, and extras before forwarding.\n- Lets you drop intercepted intents.\n- Stores captured history, outcomes, filters, columns, and modified intent snapshots\n  in `.noxen` project files.\n- Provides independent Intercept and History filters.\n- Provides an optional Home-tab `Input ANR bypass (experimental)` for rooted test devices,\n  focused on input-dispatch ANRs while noxen intentionally holds a target thread.\n- Uses a structured Log tab with aligned source\u002Flevel columns and optional\n  `Verbose logs` for detailed hook and bypass diagnostics.\n- Analyzes APKs with androguard to generate hook configuration.\n\n## Quick Start\n\n> **Windows:** [Windows Terminal](https:\u002F\u002Fapps.microsoft.com\u002Fdetail\u002F9n0dx20hk701) is required. The classic console host (cmd.exe, old PowerShell window) does not support true color or the Unicode characters used by the TUI.\n\nClone the repository:\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Ffrankheat\u002Fnoxen.git\ncd noxen\n```\n\nInstall the Frida Python package that matches the `frida-server` version you run on\nthe Android device. For example:\n\n```bash\npip install frida==17.7.3\n```\n\nThen install noxen:\n\n```bash\npip install .\n```\n\nLaunch noxen:\n\n```bash\nnoxen\n```\n\nYou can also launch it through Python:\n\n```bash\npython -m noxen\n```\n\nSelect the device, mode, and target app from the Home tab. Use `noxen --project session.noxen`\nto open an existing project or `noxen --new-project session` to create one.\n\nIf you also want the `noxen-analyze` command for generating app-specific hook\ndefinitions from an APK, install the optional analysis extra:\n\n```bash\npip install \".[analyze]\"\nnoxen-analyze app.apk -o hooks.json\n```\n\nUse an editable install only when developing noxen itself:\n\n```bash\npip install -e .\n```\n\nRegular installs include the default hook configuration and the packaged Frida\nJavaScript runtime bundles, so noxen does not need to be launched from the source\ncheckout after installation.\n\nSee the full documentation at **https:\u002F\u002Ffrankheat.github.io\u002Fnoxen-docs\u002F** for all\noptions, commands, filters, and project management.\n\n## Interface Preview\n\n![Intercept tab](assets\u002Fscreenshots\u002Fintercept.png)\n\n![History tab](assets\u002Fscreenshots\u002Fhistory.png)\n\n## Playground App\n\nThe companion Android target app lives in the [noxen-playground](https:\u002F\u002Fgithub.com\u002Ffrankheat\u002Fnoxen-playground) repository.\nIt is named `noxen playground` on device and uses the package\n`com.frankheat.noxen.playground`.\n\nUse it to validate common runtime flows while developing noxen:\n\n```bash\ncd ..\u002Fnoxen-playground\n.\u002Fgradlew assembleDebug\n```\n\nOpen `noxen-playground\u002F` directly in Android Studio rather than the workspace parent\ndirectory.\n\n## Development\n\nThe Python package uses a `src` layout: importable code lives in `src\u002Fnoxen\u002F`. This\nkeeps the repository root separate from the installed package and avoids shell\nambiguity between the `noxen` command and a local package directory.\n\nAfter changing Python code, run the unit tests. When validating Frida compatibility,\nrepeat the same checks with the Frida environments you support. For example, this\nrepository is commonly tested with local Frida 16 and Frida 17 virtual environments:\n\n```bash\n..\u002Ffrida-16.6.6\u002Fbin\u002Fpython -m compileall -q src\u002Fnoxen\nPYTHONPATH=src ..\u002Ffrida-16.6.6\u002Fbin\u002Fpython -m unittest discover -s tests\n..\u002Ffrida-17.7.3\u002Fbin\u002Fpython -m compileall -q src\u002Fnoxen\nPYTHONPATH=src ..\u002Ffrida-17.7.3\u002Fbin\u002Fpython -m unittest discover -s tests\n```\n\nAfter changing `agent\u002Fscript.js` or `agent\u002Fsystem_server.js`, rebuild the committed\nFrida bundles and packaged runtime copies:\n\n```bash\nnpm install\nnpm run build\n```\n\nCommit the changed source script, its matching `*_bundle.js` file, and the synced\n`src\u002Fnoxen\u002Fruntime\u002F` copy. Do not commit `node_modules\u002F`.\n\n## License\n\nnoxen is released under the [GNU General Public License v3.0](LICENSE).\n","noxen 是一个用于Android组件通信拦截和攻击面映射的安全研究工具。它基于Frida框架，在运行时挂钩Java方法，捕获并分析`android.content.Intent`等关键事件，允许用户通过终端界面检查、修改、转发或丢弃这些事件。其核心功能包括拦截常见的Android运行时入口点如`getIntent`、`startActivity`等，并展示详细的意图信息及可选的Java堆栈跟踪。此外，noxen还支持项目文件存储、独立过滤器设置以及实验性的ANR绕过特性。适用于安全研究人员对Android应用进行动态分析和漏洞挖掘。",2,"2026-06-11 03:53:01","CREATED_QUERY"]