Components

objection is made up of three primary components:

• The Frida Gadget: The first component is the Frida Gadget that runs in embedded mode and starts up with a patched mobile application. Frida acts as the backbone for most of the magic under the hood, running the hooks provided by objection. It enables the dynamic instrumentation needed for analyzing and modifying the behavior of mobile apps at runtime, making this tool possible in the first place.

• The objection CLI Tool: The second component is the objection command-line tool itself. This Python software component provides the user-facing interface, including commands and the explore REPL (Read-Eval-Print Loop). It acts as the bridge between the user and the loaded Frida Gadget, facilitating the execution of hooks and processing the output generated. The command suite makes it easier to interact with different aspects of the mobile app dynamically.

• The Objection Hooks: Lastly, the objection hooks form the third component. These hooks are written in TypeScript and compiled into a single agent.js file. When deployed, they execute within Frida's supported runtime environments. The hooks are what enable all the powerful features of objection, such as bypassing SSL pinning, accessing the application's runtime data, and more.

Together, these components create an easy-to-use yet powerful platform for mobile app security assessments, allowing users to manipulate and inspect app behavior without requiring extensive setup.