FuzzySecurity

FuzzySecurity / kahlo-mcp

Public

A Frida MCP server to enable autonomous AI assistance for Android instrumentation

33
1
100% credibility
Found Feb 09, 2026 at 23 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

Kahlo is a bridge that lets AI assistants dynamically analyze and instrument running Android apps by injecting safe explorer scripts and capturing insights.

How It Works

1
📱 Connect your phone

Plug in your Android phone and see it light up as ready to explore.

2
🔍 Pick an app to peek into

Choose a running app or start a new one to watch how it works inside.

3
🕵️ Sneak a look with smart helpers

Your AI buddy attaches quietly and starts running tiny explorer scripts to reveal secrets.

4
📊 Watch live clues roll in

See real-time updates, logs, and grabbed files showing what's happening deep inside the app.

5
💾 Save your favorite tricks

Turn working explorer scripts into reusable tools for next time.

🎉 Unlock the app's hidden world

You now understand exactly how the app ticks, with all your discoveries safe and ready to share.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 23 to 33 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is kahlo-mcp?

Kahlo-mcp is a TypeScript Frida MCP server that lets AI agents autonomously instrument Android apps via structured tools like device listing, process attachment, job execution, event streaming, and artifact storage. It solves the pain of manual Frida scripting by exposing runtime manipulation—hooking methods, inspecting objects, capturing traces—as MCP endpoints for tools in Claude Code, Cursor, or Codex CLI. Push frida-server to your Android device, tweak config.json with adbPath, npm install/build, and integrate for hands-off frida github android sessions.

Why is it gaining traction?

Unlike raw Frida scripts or frida github termux hacks, kahlo-mcp provides isolation per job (auto-cleanup on cancel), a stdlib for stack traces/Intents/hooking, and cursor-paged events/artifacts—perfect for iterative AI-driven analysis without boilerplate. AI agents can spawn/attach targets, promote working jobs to reusable modules, and stream telemetry, making frida mcp server a game-changer for automated reversal. Early adopters praise the blog post's architecture diagram and seamless MCP integration.

Who should use this?

Android security researchers reversing APKs with AI assistance, or pentesters automating dynamic analysis beyond frida github apk dumps. Ideal for devs scripting frida github ios alternatives on rooted devices, or building agentic workflows in Cursor/Claude for hook-based tracing without constant manual tweaks.

Verdict

Worth starring at 23 stars for frida mcpherson fans experimenting with AI-orchestrated Android assistance, but 1.0% credibility signals alpha-stage risks—solid README/tools reference, yet sparse tests and SSE transport pending. Try on non-prod devices if you're into frida mcp github innovation.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.