Flutter RASP


A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Protect your app against reverse engineering, tampering, and runtime attacks with zero external SDK dependencies.


Features

Threat                Android  iOS  Description
Root / Jailbreak      Yes      Yes  Detects rooted devices, su binaries, Cydia, sandbox escape
Emulator / Simulator  Yes      Yes  Identifies emulators via build properties and environment
Debugger              Yes      Yes  Detects attached debuggers (JDWP, ptrace)
Hooks (Frida/Xposed)  Yes      Yes  Scans for Frida, Xposed, Cycript, Substrate
Repackaging           Yes      Yes  Verifies signing certificates, bundle ID, team ID, injected dylibs
Trusted Install       Yes      Yes  Detects sideloaded apps and untrusted installation sources
VPN                   Yes      Yes  Detects active VPN connections
Developer Mode        Yes      No   Checks if developer options or ADB are enabled
Device Passcode       Yes      Yes  Detects devices without screen lock
Screen Capture        Yes      Yes  Blocks screenshots and screen recording

Getting Started

dependencies:
  flutter_rasp: ^1.1.1

Platform  Minimum Version
Android   API 24 (Android 7.0)
iOS       13.0

No additional permissions required.


Usage

Initialization

import 'package:flutter_rasp/flutter_rasp.dart';

void main() async {
  WidgetsFlutterBinding.ensureInitialized();

  await FlutterRasp.instance.initialize(
    config: const RaspConfig(
      policy: ThreatPolicy.high,
      monitoringInterval: Duration(seconds: 10),
      androidConfig: AndroidRaspConfig(
        signingCertHashes: ['AKoRuyLMM91E7lX/Zqp3u4jMmd0A7hH/Iqozu0TMVd0='],
      ),
      iosConfig: IosRaspConfig(
        teamId: 'A1B2C3D4E5',
        bundleIds: ['com.yourcompany.yourapp'],
      ),
    ),
    onThreatDetected: (threats) => debugPrint('$threats'),
    threatCallback: ThreatCallback(
      onRoot: () => navigateToBlockedScreen(),
      onVpn: () => showVpnWarning(),
    ),
  );

  runApp(const MyApp());
}

Note: At least one of onThreatDetected or threatCallback must be provided.

Platform Configuration

Android — Get your signing certificate hash:

# Match the "SHA256:" fingerprint line only, not "Signature algorithm name: SHA256withRSA"
keytool -list -v -keystore your-keystore.jks -alias your-alias 2>/dev/null \
  | grep 'SHA256:' | awk '{print $2}' | tr -d ':' | xxd -r -p | base64

Or use the built-in converter: hashConverter.fromSha256toBase64('AE:4F:12:...')
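
The conversion above can also be checked before a release build. The following is an added example, not part of flutter_rasp: it reads keytool output, converts the SHA-256 fingerprint to the base64 form used in signingCertHashes, and flags configured entries that are malformed or do not match the keystore. The function names and the sample keytool output are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Constructed sample of `keytool -list -v` output (not from a real keystore).
SAMPLE_KEYTOOL_OUTPUT = """\
Alias name: your-alias
Certificate fingerprints:
\t SHA1: 01:23:45:67:89:AB:CD:EF:01:23:45:67:89:AB:CD:EF:01:23:45:67
\t SHA256: 00:AA:11:BB:22:CC:33:DD:44:EE:55:FF:66:AA:77:BB:88:CC:99:DD:00:EE:11:FF:22:AA:33:BB:44:CC:55:DD
Signature algorithm name: SHA256withRSA
"""

# Anchored on "SHA256:" so the "SHA256withRSA" algorithm line is never picked up.
_FINGERPRINT = re.compile(r"^\s*SHA256:\s*([0-9A-Fa-f:]+)\s*$", re.MULTILINE)


def fingerprint_to_base64(fingerprint):
    """Hex SHA-256 fingerprint (with or without colons) -> base64 of the raw digest."""
    try:
        raw = bytes.fromhex(fingerprint.replace(":", "").strip())
    except ValueError as exc:
        raise ValueError(f"not a hex fingerprint: {fingerprint!r}") from exc
    if len(raw) != 32:
        raise ValueError(f"SHA-256 digest must be 32 bytes, got {len(raw)}")
    return base64.b64encode(raw).decode("ascii")


def hashes_from_keytool(output):
    """Base64 hashes for every SHA256 fingerprint line in keytool output."""
    return [fingerprint_to_base64(fp) for fp in _FINGERPRINT.findall(output)]


def is_valid_config_hash(value):
    """True if value is strict base64 that decodes to exactly 32 bytes."""
    try:
        return len(base64.b64decode(value, validate=True)) == 32
    except (binascii.Error, ValueError):
        return False


def audit_config(configured, keytool_output):
    """Compare configured signingCertHashes entries with the keystore's hashes."""
    expected = set(hashes_from_keytool(keytool_output))
    valid = [h for h in configured if is_valid_config_hash(h)]
    return {
        "malformed": [h for h in configured if h not in valid],
        "unknown": [h for h in valid if h not in expected],
        "missing": sorted(expected - set(configured)),
    }


if __name__ == "__main__":
    print(audit_config(["AE:4F:12"], SAMPLE_KEYTOOL_OUTPUT))
```

A pasted colon-separated fingerprint or a hash from a different keystore shows up as "malformed" or "unknown", which is worth catching before shipping with a policy that exits on repackaging.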

iOS — Find your Team ID at Apple Developer Account → Membership Details.

Threat Policies

Policies control which threats terminate the app at the native level before Dart code can react.

Policy               Exit Threats
ThreatPolicy.none    None (report only)
ThreatPolicy.low     repackaging, trustedInstall
ThreatPolicy.medium  root, hook, repackaging, trustedInstall
ThreatPolicy.high    root, hook, repackaging, trustedInstall, debug, devicePasscode

A custom policy lists its own set of exit threats:

const policy = ThreatPolicy(
  exitThreats: {Threat.root, Threat.repackaging, Threat.vpn},
);

Tip: Use ThreatPolicy.none during development.

Scans & Individual Checks

final result = await FlutterRasp.instance.scanAll();
if (result.isCompromised) {
  debugPrint('Detected: ${result.detectedThreats}');
}

Available: isRooted(), isEmulator(), isDebugged(), isHooked(), isRepackaged(), isUntrustedInstall(), isVpnConnected(), isDeveloperMode(), isDevicePasscodeDisabled().

Screen Capture Protection

await FlutterRasp.instance.blockScreenCapture(true);

Architecture

Flutter App
    │
FlutterRasp (Singleton)
    │
FlutterRaspPlatform (Interface)
    │
MethodChannelFlutterRasp
    ├── MethodChannel (commands/checks)
    └── EventChannel  (threat stream)

    Android (Kotlin)              iOS (Swift)
    ─────────────────             ─────────────────
    DetectorRegistry              DetectorRegistry
    ├── RootDetector              ├── JailbreakDetector
    ├── EmulatorDetector          ├── SimulatorDetector
    ├── DebugDetector             ├── DebugDetector
    ├── HookDetector              ├── HookDetector
    ├── RepackagingDetector       ├── RepackagingDetector
    ├── TrustedInstallDetector    ├── TrustedInstallDetector
    ├── VpnDetector               ├── VpnDetector
    ├── DeveloperModeDetector     ├── DevicePasscodeDetector
    └── DevicePasscodeDetector    └── ScreenCaptureManager
    ScreenCaptureManager

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

Adding a New Detector

  1. Create a detector class implementing ThreatDetector (Android) or ThreatDetectable (iOS)
  2. Add it to the DetectorRegistry list
  3. Add the corresponding Threat enum value in Dart

License

This project is licensed under the MIT License - see the LICENSE file for details.
