flutter_rasp 1.1.0 copy "flutter_rasp: ^1.1.0" to clipboard
flutter_rasp: ^1.1.0 copied to clipboard

Published 5 days agoverified publisherjuandpt.dev• Latest: 3.6.0
[unknown platforms]

Metadata

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Detect root, jailbreak, emulators, debuggers, hooks, repackaging, untrusted installs, VPN, and more.

More...

Flutter RASP #

pub package License: MIT Platform

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Protect your app against reverse engineering, tampering, and runtime attacks with zero external SDK dependencies.

Features #

Threat Android iOS Description
Root / Jailbreak Detects rooted devices, su binaries, Cydia, sandbox escape
Emulator / Simulator Identifies emulators via build properties and environment
Debugger Detects attached debuggers (JDWP, ptrace)
Hooks (Frida/Xposed) Scans for Frida, Xposed, Cycript, Substrate
Repackaging Verifies signing certificates, bundle ID, team ID, injected dylibs
Trusted Install Detects sideloaded apps and untrusted installation sources
VPN Detects active VPN connections
Developer Mode Checks if developer options or ADB are enabled
Device Passcode Detects devices without screen lock
Screen Capture Blocks screenshots and screen recording

Getting Started #

dependencies:
  flutter_rasp: ^1.1.0
Platform Minimum Version
Android API 24 (Android 7.0)
iOS 13.0

No additional permissions required.

Usage #

Initialization #

import 'package:flutter_rasp/flutter_rasp.dart';

void main() async {
  WidgetsFlutterBinding.ensureInitialized();

  await FlutterRasp.instance.initialize(
    config: const RaspConfig(
      policy: ThreatPolicy.high,
      monitoringInterval: Duration(seconds: 10),
      androidConfig: AndroidRaspConfig(
        signingCertHashes: ['AKoRuyLMM91E7lX/Zqp3u4jMmd0A7hH/Iqozu0TMVd0='],
      ),
      iosConfig: IosRaspConfig(
        teamId: 'A1B2C3D4E5',
        bundleIds: ['com.yourcompany.yourapp'],
      ),
    ),
    onThreatDetected: (threats) => debugPrint('$threats'),
    threatCallback: ThreatCallback(
      onRoot: () => navigateToBlockedScreen(),
      onVpn: () => showVpnWarning(),
    ),
  );

  runApp(const MyApp());
}

Note: At least one of onThreatDetected or threatCallback must be provided.

Platform Configuration #

Android — Get your signing certificate hash:

keytool -list -v -keystore your-keystore.jks -alias your-alias 2>/dev/null \
  | grep SHA256 | awk '{print $2}' | tr -d ':' | xxd -r -p | base64

Or use the built-in converter: hashConverter.fromSha256toBase64('AE:4F:12:...')

iOS — Find your Team ID at Apple Developer AccountMembership Details.

Threat Policies #

Policies control which threats terminate the app at the native level before Dart code can react.

Policy Exit Threats
ThreatPolicy.none None (report only)
ThreatPolicy.low repackaging
ThreatPolicy.medium root, hook, repackaging
ThreatPolicy.high root, hook, repackaging, debug 
const policy = ThreatPolicy(
  exitThreats: {Threat.root, Threat.repackaging, Threat.vpn},
);

Tip: Use ThreatPolicy.none during development.

Scans & Individual Checks #

final result = await FlutterRasp.instance.scanAll();
if (result.isCompromised) {
  debugPrint('Detected: ${result.detectedThreats}');
}

Available: isRooted(), isEmulator(), isDebugged(), isHooked(), isRepackaged(), isTrustedInstall(), isVpnConnected(), isDeveloperMode(), isDevicePasscodeDisabled().

Screen Capture Protection #

await FlutterRasp.instance.blockScreenCapture(true);

Architecture #

Flutter App
    │
FlutterRasp (Singleton)
    │
FlutterRaspPlatform (Interface)
    │
MethodChannelFlutterRasp
    ├── MethodChannel (commands/checks)
    └── EventChannel  (threat stream)

    Android (Kotlin)              iOS (Swift)
    ─────────────────             ─────────────────
    DetectorRegistry              DetectorRegistry
    ├── RootDetector              ├── JailbreakDetector
    ├── EmulatorDetector          ├── SimulatorDetector
    ├── DebugDetector             ├── DebugDetector
    ├── HookDetector              ├── HookDetector
    ├── RepackagingDetector       ├── RepackagingDetector
    ├── TrustedInstallDetector    ├── TrustedInstallDetector
    ├── VpnDetector               ├── VpnDetector
    ├── DeveloperModeDetector     ├── DevicePasscodeDetector
    └── DevicePasscodeDetector    └── ScreenCaptureManager
    ScreenCaptureManager

Contributing #

Contributions are welcome! Please feel free to submit a Pull Request.

Adding a New Detector #

  1. Create a detector class implementing ThreatDetector (Android) or ThreatDetectable (iOS)
  2. Add it to the DetectorRegistry list
  3. Add the corresponding Threat enum value in Dart

License #

This project is licensed under the MIT License - see the LICENSE file for details.

Metadata

0
likes
0
points
324
downloads

Publisher

verified publisherjuandpt.dev

Weekly Downloads

Metadata

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Detect root, jailbreak, emulators, debuggers, hooks, repackaging, untrusted installs, VPN, and more.

Homepage
Repository (GitHub)
View/report issues

Topics

#security #rasp #jailbreak #root-detection #flutter-plugin

License

unknown (license)

Dependencies

flutter, plugin_platform_interface

More

Packages that depend on flutter_rasp

Packages that implement flutter_rasp

Back