frinet

Project Url: synacktiv/frinet
Introduction: Frida-based tracer for easier reverse-engineering on Android, iOS, Linux, Windows and most related architectures.
More: Author   ReportBugs   
Tags:

By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Linux, Windows, and most architectures. Blogpost on the Synacktiv website

Tenet

This version is a complete rewrite of synacktiv/frinet (originally a fork of gaasedelen/tenet). You can still find the old version on the legacy branch.

This project was presented at SSTIC 2026 (in French) : video/slides/paper.

The new archictecture is based on four components :

  • Indexer : A Rust CLI that produces an optimized index from a trace file.
  • Backend : A Rust crate that implements specialized algorihms to query the optimized index file.
  • Backend (Python bindings) : A Rust crate that exposes a python interface.
  • IDA Plugin : A thin layer of python code that queries and integrates data from the backend into the IDA interface.

Features

Tracer based on Frida: Identical to the legacy version of Frinet.

Indexer / Backend:

  • Efficient indexing of traces with up to 2 billion instructions (~100 GB).
  • Independent of the trace format (only the Tenet format is supported for now).
  • Multi-threaded memory search with full regex support.
  • Usable as a standalone Rust library: crates/db.

Frontend:

  • Timeline / Register / Memory views.
  • Assembly timeline trails (red/green/blue).
  • Memory read/write breakpoint.
  • Jump to first/prev/next/last execution.

Missing features & TODOs

  • Reach frontend feature parity with Frinet v1:
    • The call tree view is not yet implemented.
  • UI polishing.

Build & Installation

# Build the Python bindings shared lib
apt install python3-dev
cargo build --release
cp target/release/libfrinet_db.so frontend/frinet_db.so

# Symlink (or copy) the IDA Plugin
ln -s $PWD/frontend ~/.idapro/plugins/frinet

Usage

# 1. Trace /bin/ls with frida
python tracer/trace.py spawn /bin/ls ls 0x4c00

# 2. Build an optimised index of the trace
cargo run --bin frinet --release -- index --format tenet tracer/traces/ls_xxxx.tenet ls.db

# 3. Open the trace in IDA (File > Load File > Open Frinet DB...)

Testing & Fuzzing & Benchmark

cargo test

cargo install cargo-fuzz
cargo +nightly fuzz run --fuzz-dir crates/fuzz register_indexing

cargo install cargo-criterion
BENCH_DB=my.db cargo criterion

Highly Recommended:Google Play 4.7 Star Android Developer Tools, Decompile, View Manifest, Open Debug Options Quickly

Apps
Android Developer Tools
Android Developer Tools Pro
About Me
Tools: TimeShining
GitHub: Trinea
Facebook: Dev Tools
AI Daily Digest
Daily AI News & Insights