Workflow

Objection

Latest version: v1.11.0

Safety actively analyzes 706259 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 5

1.9.4

fixes
- Fix path for embedding scripts on Android platforms (https://github.com/sensepost/objection/commit/1db2da7a4db71e608acd8f02a487dc6a662defec)

[Code Diff Since v1.9.3](https://github.com/sensepost/objection/compare/1.9.3%E2%80%A61.9.4)

1.9.3

fixes
- Improve error handling when the `--skip-resources` flag is used. Thanks mtschirs (374)
- Exclude leanback activities (AndroidTV) from launchable activity detection in the Android patcher. Thanks mtschirs (374)
- Ensure that ObjC API's are not called if they are not needed. Fixes 377 (https://github.com/sensepost/objection/commit/8e53e4bce4b3ff67d23dde83db973edc3d82aa2c)

other
- Bump agent dependencies (https://github.com/sensepost/objection/commit/4f3ee36e3c3bfff9b39eba06eb918376c4ffbfa8)
- Disable compression in agent builds. This was messing with line numbers in the generated source map (https://github.com/sensepost/objection/commit/ac94e705f75daa4ad7c4d694a5630e17ddc1780a)

[Code Diff Since v1.9.2](https://github.com/sensepost/objection/compare/1.9.2%E2%80%A61.9.3)

1.9.2

new
- Expose the `ping` command to the CLI to check if the agent is alive and responds. (https://github.com/sensepost/objection/commit/fee42b3947a9c7d3e22b10305e1c8b130d923821)

fixes
- Fix a typo in the `android hooking generate simple` command. Thanks Techbrunch (360)
- Add missing quotes to the `ios hooking watch method command` help file (https://github.com/sensepost/objection/commit/a5a1edb4bda424f25c5529f31313d4d706afef54)
- Improve error reporting when hooking iOS selectors (https://github.com/sensepost/objection/commit/0a206c8401c326fdf0b11b2f0fa1ab472b55a3dc)
- Improve Windows `apktool` version detection, again (https://github.com/sensepost/objection/commit/46f8d0cc12fb425005e332947a6c9d197a8af243)

other
- Bump agent dependencies (https://github.com/sensepost/objection/commit/a69fffc4f813456a2400a4f0d960e3bfea75764d)

[Code Diff Since v1.9.1](https://github.com/sensepost/objection/compare/1.9.1%E2%80%A61.9.2)

1.9.1

new
- Extend support for embedding a gadget configuration and script added in version 1.9.0 to iOS IPA's. Thanks interference-security (349)
- Automatically toggle `extractNativeLibs` to `false` in Android manifests (with a flag to leave the value untouched). Thanks StingraySA (353)
- Refactor the `ios keychain add` command. The `--key` flag has been removed in favour of the `--account` and `--service` flags, allowing for more granular setting of attributes for a keychain item. (https://github.com/sensepost/objection/commit/4dadfc497864ff8d0eeff6b4d4468a1645558a95)

fixes
- Improve `apktool` version parsing on Windows (https://github.com/sensepost/objection/commit/79aa7ed881789e5c9458e6a09573bbc848c02441)
- Fix command line overload parsing for the `android watch class_method` command (https://github.com/sensepost/objection/commit/f08cc24cd9bde142c754876690877f5cc5071b84)
- Improve shell command argument. Thanks dvalter (355)

other
- Bump agent dependencies (https://github.com/sensepost/objection/commit/cf204a0e28f247e2aa760f03dc74e30a1928788b)

[Code Changes Since v1.9.0](https://github.com/sensepost/objection/compare/1.9.0%E2%80%A61.9.1)

1.9.0

new
- Add the `--inline` flag to the `ios heap execute js` command, allowing for inline JavaScript evaluation on iOS heap objects. (https://github.com/sensepost/objection/commit/956056aab6d18bbc37105902996102f02a492a67)
- Add a new `--unzip-unicode` flag to the iOS IPA patcher to treat the IPA name as unicode. Thanks Fabiano1107 (309)
- Add the ability to patch in a gadget configuration and script to Android APK's, making it possible to eternalise scripts without needing a computer. _Note: This is an Android only feature for now and needs porting for iOS._ For more information, please see: [https://frida.re/docs/gadget/](https://frida.re/docs/gadget/). Thanks gergesh (#329)
- Improve the Android method watcher by dumping information about objects instead of simply showing `[object, object]` for the argument. Thanks arielmiki (334)
- Improve anti-frida evasion by using a different prefix for `.dex` files generated by `Java.registerClass()`. An example patch to recompile the Android frida-server with the name `frida` renamed to `freeda` can be seen [here](https://gist.github.com/leonjza/a5c6fe7238250ec2c584348e4075b9e0). (https://github.com/sensepost/objection/commit/d1035e566cef7e4e4c139258ee6d112adafa09af)
- Add a new `android keystore watch` command. This command will report usages of the `java.security.KeyStore` class, revealing the password used when accessing items. (https://github.com/sensepost/objection/commit/0513b2d780092eedc95390db51c27c895606f241)


fixes
- Fix `android hooking set return_value` crashing when no optional overload is set. Thanks root-intruder (307)
- Fix suggested package name for `jarsigner` on Linux. Thanks RomainL972 (327)
- Update the iOS biometrics bypass script to handle cases where applications check for an error rather than if a success status was returned. Thanks gagnonca (333)
- Android patcher improvements. This comes mostly by enforcing the use of `apktool` version 2.4.1 and up, as well as by automatically running the `empty-framework-dir` command before patching. Information about upgrading `apktool` can be found in the wiki [here](https://github.com/sensepost/objection/wiki/Apktool-Upgrades). (https://github.com/sensepost/objection/commit/46288b5c7b708837bf15e03e44f3d45fa24f148f)
- Fix Android root detection scripts that were pretty horribly broken 😂 (https://github.com/sensepost/objection/commit/539fc306ca88b6f4f47c486d195c18e896280af6)

other
- Bump Python dependencies (https://github.com/sensepost/objection/commit/e09e7bda54e188b3119b0c3c52e6be9f4cb68860)
- Bump agent dependencies (https://github.com/sensepost/objection/commit/326b28ec330802cfea0509d96e0c7a1551125c37, https://github.com/sensepost/objection/commit/ae91da03e55e3b0dcd7aa33d03cd6d89ffd51ad3, https://github.com/sensepost/objection/commit/1b78cb36123e5cb7d1b03d5fdf3cd2d8257f9c20, https://github.com/sensepost/objection/commit/d672f1a554212167d922c6260bfe2800c8ef3e3c, https://github.com/sensepost/objection/commit/2ee2dda2f9c356190963099ec174d0ecdafcb6c4, https://github.com/sensepost/objection/commit/5583264e7d4fca67e511ec2525d0d43149f9593c)
- Remove support for Python 3.5 (https://github.com/sensepost/objection/commit/1b198e8fca04218f2994d24e08e37225437794dc)
- Code cleanups. (https://github.com/sensepost/objection/commit/be95b6006038ccb1b9985a4174b596a4b0e86836, https://github.com/sensepost/objection/commit/b63f6fb2ccaf6e32eb12617042beed5d0f3765d7)

[Code Changes Since v1.8.4](https://github.com/sensepost/objection/compare/1.8.4%E2%80%A61.9.0)

1.8.4

other
- Temporarily pin the frida-tools version, pending upstream upgrades.

[Code Changes Since v1.8.3](https://github.com/sensepost/objection/compare/1.8.3%E2%80%A61.8.4)

Page 2 of 5

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.