lamda

LAMDA is a distributed Android reverse engineering and automation framework designed to reduce security analysis and testing time by exposing a programmable interface for common tasks. It aggregates a wide range of capabilities—from remote desktop access and file transfer to Frida-based instrumentation, VPN and proxy support, automatic task scheduling, and UI automation—so you can manage devices across diverse networks without relying on USB connections. The server-side component runs on devices (or emulated environments) and exposes tools to control and monitor devices remotely, while the client-side or orchestration layer lets you integrate these actions into scripts or workflows. Typical use-cases include setting up device proxies, capturing and replaying network traffic with MITM, invoking Frida-based Java interfaces, uploading or downloading files, executing commands on devices, and running automated tests or demonstrations against real devices or emulators. The tools are designed to be scriptable via Python, with a focus on distributed operation and web-based interaction, enabling you to connect from anywhere with network access.

Once installed, you can connect to Lamda-enabled devices, start a remote desktop session in your browser, configure and deploy proxies or VPNs, inject and control Frida RPC scripts, and orchestrate complex automation tasks through code. The system also provides a way to inspect UI layouts for automation, index device directories for quick file access, and run built-in scheduled tasks. In short, LAMDA provides a comprehensive toolkit for remote device management, automation, and dynamic instrumentation, all accessible through programmable interfaces.

Prerequisites:

• A recent Android device or emulator with root access
• A host machine with network reach to devices (or cloud/mobile hosts)
• Python 3.9+ (if relying on Python-based components) and uvx tooling if using the Python deployment path
• Optional PEM certificate for secure deployment when connecting over untrusted networks

Installation steps (UVW/uvx path):

1. Ensure your environment satisfies the prerequisites:

• Root access on target devices
• Network connectivity between host and devices
• PEM certificate prepared if you plan to enable TLS/mitm protections

2. Install the Lamda package via uvx (Python-based distribution):

uvx run firerpa-lamda

3. Verify installation by listing available commands or launching a minimal test:

uvx info firerpa-lamda

4. If your deployment requires a specific image or container (alternative path):

• For Docker-based deployment, pull the Lamda image and run it:

docker run -it lamda/lamda:latest

5. Configure environment as needed (see env vars in the mcp_config). For example, set up a PEM certificate path if required by your network topology:

export LAMDA_CERT=/path/to/your/cert.pem

6. Start the Lamda service on the target device or host according to your deployment method (uvx, docker, or other). Ensure the service is reachable from your orchestration layer.

Note: If you prefer a containerized or docker-based deployment, you can adapt the docker run command to your environment and include environment variables and port mappings as needed.

Tips and common issues:

• Ensure root access and disable any security measures that may block Frida or MITM proxies during initial setup (as described in the prerequisites).
• When using TLS/PEM certificates, keep your private keys secure and restrict access to the certificate path.
• Lamda is designed to be distributed; verify network reachability between the host and all target devices, especially across cloud or remote networks.
• If you encounter connection drops, check firewall rules and ensure that the Lamda service is listening on the expected ports.
• For OpenVPN and proxy features, confirm that the VPN you plan to use is compatible with your devices and that required user credentials or certificates are correctly configured.
• Review the Tools and Tutorials in the repository (tools directory) for step-by-step guidance on specific features like MITM analysis, Frida RPC injections, and remote desktop usage.