flutter_rasp 2.0.0 copy "flutter_rasp: ^2.0.0" to clipboard
flutter_rasp: ^2.0.0 copied to clipboard

Published 5 days agoverified publisherjuandpt.dev• Latest: 3.6.0
[unknown platforms]

Metadata

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Detect root, jailbreak, emulators, debuggers, hooks, repackaging, untrusted installs, VPN, and more.

More...

Flutter RASP #

pub package License: MIT Platform

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Protect your app against reverse engineering, tampering, and runtime attacks with zero external SDK dependencies.

Features #

Threat Android iOS Description
Root / Jailbreak Detects rooted devices, su binaries, Cydia, sandbox escape
Emulator / Simulator Identifies emulators via build properties and environment
Debugger Detects attached debuggers (JDWP, ptrace)
Hooks (Frida/Xposed) Scans for Frida, Xposed, Cycript, Substrate
Repackaging Verifies signing certificates, bundle ID, team ID
Trusted Install Detects sideloaded apps and untrusted installation sources
VPN Detects active VPN connections
Developer Mode Checks if developer options or ADB are enabled
Device Passcode Detects devices without screen lock
Secure Hardware Detects missing hardware-backed keystore (TEE/StrongBox, Secure Enclave)
Obfuscation Detects unobfuscated binaries with readable class/symbol names
Time Spoofing Detects disabled automatic time synchronization
Location Spoofing Detects mock location apps and settings
Multi-Instance Detects cloned/dual-app environments
Screen Capture Blocks screenshots and screen recording

Getting Started #

dependencies:
  flutter_rasp: ^2.0.0
Platform Minimum Version
Android API 24 (Android 7.0)
iOS 13.0

No additional permissions required. Zero external SDK dependencies.

Usage #

Initialization #

import 'package:flutter_rasp/flutter_rasp.dart';

void main() async {
  WidgetsFlutterBinding.ensureInitialized();

  await FlutterRasp.instance.initialize(
    config: const RaspConfig(
      policy: ThreatPolicy.high,
      monitoringInterval: Duration(seconds: 10),
      androidConfig: AndroidRaspConfig(
        signingCertHashes: ['AKoRuyLMM91E7lX/Zqp3u4jMmd0A7hH/Iqozu0TMVd0='],
      ),
      iosConfig: IosRaspConfig(
        teamId: 'A1B2C3D4E5',
        bundleIds: ['com.yourcompany.yourapp'],
      ),
    ),
    onThreatDetected: (threats) => debugPrint('$threats'),
    threatCallback: ThreatCallback(
      onRoot: () => navigateToBlockedScreen(),
      onVpn: () => showVpnWarning(),
    ),
  );

  runApp(const MyApp());
}

Note: At least one of onThreatDetected or threatCallback must be provided.

Platform Configuration #

AndroidsigningCertHashes expects your signing certificate fingerprint in Base64 format.

  1. Get the SHA-256 fingerprint from keytool, Google Play Console (App signing section), or Firebase Console. You will end up with a hex string like this:

    A1:2B:3C:4D:5E:6F:70:81:92:A3:B4:C5:D6:E7:F8:09:1A:2B:3C:4D:5E:6F:70:81:92:A3:B4:C5:D6:E7:F8:09

  2. Convert it to Base64. You can get it directly from terminal:

    keytool -list -v -keystore your-keystore.jks -alias your-alias 2>/dev/null \
  | grep SHA256 | awk '{print $2}' | tr -d ':' | xxd -r -p | base64

    Or use the built-in utility:

    final base64Hash = hashConverter.fromSha256toBase64(
  'A1:2B:3C:4D:5E:6F:70:81:92:A3:B4:C5:D6:E7:F8:09:1A:2B:3C:4D:5E:6F:70:81:92:A3:B4:C5:D6:E7:F8:09',
);

iOS — Find your Team ID at Apple Developer AccountMembership Details.

Supported Stores / Distribution Methods #

The supportedStores parameter in AndroidRaspConfig controls which install sources are considered trusted.

Store / Distribution method Package name Notes
App Store (iOS) Included by default, no action needed
TestFlight (iOS) Included by default, no action needed
Google Play com.android.vending Included by default, no action needed
Huawei AppGallery com.huawei.appmarket Included by default, no action needed
Amazon Appstore com.amazon.venezia Included by default, no action needed
Samsung Galaxy Store com.sec.android.app.samsungapps Included by default, no action needed
Firebase App Distribution dev.firebase.appdistribution
Vivo App Store com.vivo.appstore Common on Vivo devices
HeyTap com.heytap.market Common on Realme and Oppo devices
Oppo App Market com.oppo.market Common on Oppo devices
GetApps com.xiaomi.mipicks Common on Xiaomi, Redmi and POCO devices

To support additional stores, add their package names:

AndroidRaspConfig(
  signingCertHashes: ['...'],
  supportedStores: [
    ...AndroidRaspConfig().supportedStores,
    'dev.firebase.appdistribution',  // Firebase App Distribution
    'com.vivo.appstore',             // Vivo App Store
    'com.heytap.market',             // HeyTap (Realme, Oppo)
    'com.oppo.market',               // Oppo App Market
    'com.xiaomi.mipicks',            // GetApps (Xiaomi, Redmi, POCO)
  ],
);

Threat Policies #

Policies control which threats terminate the app at the native level before Dart code can react.

Policy Exit Threats
ThreatPolicy.none None (report only)
ThreatPolicy.low repackaging, trustedInstall
ThreatPolicy.medium root, hook, repackaging, trustedInstall, obfuscationIssues, multiInstance
ThreatPolicy.high root, hook, repackaging, trustedInstall, debug, devicePasscode, obfuscationIssues, multiInstance, secureHardwareNotAvailable, locationSpoofing 
const policy = ThreatPolicy(
  exitThreats: {Threat.root, Threat.repackaging, Threat.vpn},
);

Tip: Use ThreatPolicy.none during development.

Scans & Individual Checks #

final result = await FlutterRasp.instance.scanAll();
if (result.isCompromised) {
  debugPrint('Detected: ${result.detectedThreats}');
}

Available: isRooted(), isEmulator(), isDebugged(), isHooked(), isRepackaged(), isUntrustedInstall(), isVpnConnected(), isDeveloperMode(), isDevicePasscodeDisabled(), isSecureHardwareUnavailable(), hasObfuscationIssues(), isTimeSpoofed(), isLocationSpoofed(), isMultiInstance().

Screen Capture Protection #

await FlutterRasp.instance.blockScreenCapture(true);

Architecture #

Flutter App
    │
FlutterRasp (Singleton)
    │
FlutterRaspPlatform (Interface)
    │
MethodChannelFlutterRasp
    ├── MethodChannel (commands/checks)
    └── EventChannel  (threat stream)

    Android (Kotlin)              iOS (Swift)
    ─────────────────             ─────────────────
    DetectorRegistry              DetectorRegistry
    ├── RootDetector              ├── JailbreakDetector
    ├── EmulatorDetector          ├── SimulatorDetector
    ├── DebugDetector             ├── DebugDetector
    ├── HookDetector              ├── HookDetector
    ├── RepackagingDetector       ├── RepackagingDetector
    ├── TrustedInstallDetector    ├── TrustedInstallDetector
    ├── VpnDetector               ├── VpnDetector
    ├── DeveloperModeDetector     ├── DevicePasscodeDetector
    ├── DevicePasscodeDetector    └── SecureHardwareDetector
    ├── SecureHardwareDetector    ScreenCaptureManager
    ├── ObfuscationDetector
    ├── TimeSpoofingDetector
    ├── LocationSpoofingDetector
    └── MultiInstanceDetector
    ScreenCaptureManager

Contributing #

Contributions are welcome! Please feel free to submit a Pull Request.

Adding a New Detector #

  1. Create a detector class implementing ThreatDetector (Android) or ThreatDetectable (iOS)
  2. Add it to the DetectorRegistry list
  3. Add the corresponding Threat enum value in Dart

License #

This project is licensed under the MIT License - see the LICENSE file for details.

Metadata

0
likes
0
points
324
downloads

Publisher

verified publisherjuandpt.dev

Weekly Downloads

Metadata

A comprehensive RASP (Runtime Application Self-Protection) plugin for Flutter. Detect root, jailbreak, emulators, debuggers, hooks, repackaging, untrusted installs, VPN, and more.

Homepage
Repository (GitHub)
View/report issues

Topics

#security #rasp #jailbreak #root-detection #flutter-plugin

License

unknown (license)

Dependencies

flutter, plugin_platform_interface

More

Packages that depend on flutter_rasp

Packages that implement flutter_rasp

Back