frankheat

frankheat / noxen

Public

Android interception tool for component communication and attack-surface mapping

android android-security bug-bounty mobile-security pentesting
78
7
100% credibility
Found May 13, 2026 at 78 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
JavaScript
AI Summary

noxen is a terminal UI tool that uses Frida to intercept, inspect, modify, and log Android Intent communications at runtime for security research.

How It Works

1
🔍 Discover noxen

You hear about noxen, a handy tool that lets you peek inside Android apps to spot security weak spots by watching how they talk to each other.

2
📥 Set it up quickly

Download and install it on your computer with a simple command, and it grabs everything it needs to start working.

3
📱 Connect your phone

Plug in your phone or connect wirelessly, pick it from the list, and choose an app to watch.

4
👀 Watch messages flow

Hit start and see app messages pop up live in a colorful screen, showing exactly what's being sent around.

5
✏️ Inspect and tweak

Click into a message to read details, change parts like destinations or add notes, then forward, block, or alter it.

6
💾 Save your session

Everything gets saved automatically to a project file so you can review history, filter, and export findings later.

Spot the risks

You now have a clear map of the app's hidden connections and vulnerabilities, ready to fix or report them.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 78 to 78 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is noxen?

Noxen is a Python tool that uses Frida to intercept Android app Intents at runtime, letting you map component communication and attack surfaces in real time. From a terminal UI built with Textual, you capture details like actions, URIs, extras, and stack traces, then inspect, modify, forward, or drop them on the fly. It solves the pain of static analysis by revealing dynamic behaviors, with extras like APK hook generation via `noxen-analyze` and experimental ANR bypass for rooted devices.

Why is it gaining traction?

Unlike basic Frida scripts or Drozer, noxen delivers a polished TUI for live intent tweaking without scripting every hook, plus filters for noise reduction and project files to persist sessions. Developers grab the android github source, pip install, and start with `noxen --new-project myapp`—no Android Studio hassle, works in GitHub Codespaces or locally. The attack-surface labels and PendingIntent tracking make it a quick win for spotting exploitable paths.

Who should use this?

Android security researchers probing app attack-surfaces, pentesters fuzzing intents, or reverse engineers mapping broadcasts/services without full decompiles. Ideal for folks evaluating exported components or testing privilege escalations on emulators/rooted phones, especially if you're already using Frida for dynamic instrumentation.

Verdict

Grab it if Android attack-surface mapping is your jam—78 stars show early interest, and docs are solid for a 1.0% credibility score project. Still maturing (light tests, v0.1), so pair with the playground app for validation, but it's already more usable than raw Frida for intent hunting.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.