Nullkia
NullKia Mobile Security Framework - Tools in Nim, Crystal, V, D, Red, Odin, Haxe, Zig, Kotlin, Lua, PHP, Python | bad-antics | github.com/bad-antics
Install / Use
/learn @bad-antics/NullkiaREADME
📱 NullKia
Mobile Security Framework v3.0.0
███╗ ██╗██╗ ██╗██╗ ██╗ ██╗ ██╗██╗ █████╗
████╗ ██║██║ ██║██║ ██║ ██║ ██╔╝██║██╔══██╗
██╔██╗ ██║██║ ██║██║ ██║ █████╔╝ ██║███████║
██║╚██╗██║██║ ██║██║ ██║ ██╔═██╗ ██║██╔══██║
██║ ╚████║╚██████╔╝███████╗███████╗██║ ██╗██║██║ ██║
╚═╝ ╚═══╝ ╚═════╝ ╚══════╝╚══════╝╚═╝ ╚═╝╚═╝╚═╝ ╚═╝
[ MOBILE SECURITY FRAMEWORK v3.0 | bad-antics ]
🔓 Join github.com/bad-antics/nullkia/issues for encryption keys & firmware unlocks!
</div>🆕 What's New in v3.0
- 8 New Manufacturers — Nothing, OPPO, Vivo, Realme, ASUS, ZTE, Fairphone, TCL
- Baseband Exploitation — Shannon/Exynos/Qualcomm modem tools
- eSIM Tools — eUICC provisioning and extraction
- 5G/LTE Security — Band locking, IMSI analysis, carrier unlock
- iOS 17/18 Support — Updated checkm8 toolchain
- Android 14/15 Support — New bypass techniques
- GUI Mode — Optional graphical interface
- Plugin System — Extend with custom modules
⚡ Quick Install
Linux / macOS
curl -sL https://raw.githubusercontent.com/bad-antics/nullkia/main/get-nullkia.sh | bash
Windows (PowerShell as Admin)
iwr -useb https://raw.githubusercontent.com/bad-antics/nullkia/main/install.ps1 | iex
Android (Termux)
pkg install git && git clone https://github.com/bad-antics/nullkia && cd nullkia && make termux
Docker
docker run -it --privileged -v /dev/bus/usb:/dev/bus/usb ghcr.io/bad-antics/nullkia:3.0
GUI Mode
nullkia --gui # Launches graphical interface
🎯 Features
| Feature | Description | |---------|-------------| | 📱 18 Manufacturers | Samsung, Apple, Google, OnePlus, Xiaomi, Huawei, Motorola, LG, Sony, Nokia, Nothing, OPPO, Vivo, Realme, ASUS, ZTE, Fairphone, TCL | | ⚡ Device Detection | Auto-detect ADB, Fastboot, EDL, DFU, Download, BROM modes | | 🔓 Bootloader Tools | Unlock bootloaders across all manufacturers | | 📦 Firmware Utils | Dump, extract, flash, decrypt, and analyze firmware | | 🛡️ Security Bypass | Knox, Titan M, TrustZone, TEE research tools | | 📡 Baseband Tools | Modem exploitation, IMSI extraction, band manipulation | | 📶 Cellular Security | 5G/LTE analysis, carrier unlock, eSIM tools | | 🔧 Unbrick Tools | Recover hard-bricked devices | | 🖥️ Cross-Platform | Linux, macOS, Windows, Termux, Docker | | 🎨 GUI Mode | Optional graphical interface | | 🔌 Plugin System | Extend with custom modules |
🚀 Usage
# Show help
nullkia help
# Launch GUI mode
nullkia --gui
# Scan for connected devices
nullkia device scan
nullkia device info # Detailed device information
# Samsung tools
nullkia samsung knox-bypass
nullkia samsung odin
nullkia samsung frp-bypass
nullkia samsung dump-efs # NEW: Dump EFS partition
# Apple tools (checkm8 devices)
nullkia apple checkm8
nullkia apple dfu
nullkia apple activation # NEW: Activation bypass
nullkia apple icloud # NEW: iCloud tools
# Google Pixel
nullkia google titan-dump # NEW: Titan M research
nullkia google avb-bypass # NEW: AVB bypass
# Baseband/Modem (NEW)
nullkia baseband dump # Dump modem firmware
nullkia baseband shannon # Samsung Shannon exploits
nullkia baseband qualcomm # Qualcomm modem tools
nullkia baseband analyze # Analyze baseband binary
# Cellular/Network (NEW)
nullkia cellular unlock # Carrier unlock
nullkia cellular bands # Band manipulation
nullkia cellular esim # eSIM extraction/provisioning
nullkia cellular imsi # IMSI/IMEI analysis
# Firmware operations
nullkia firmware dump
nullkia firmware flash
nullkia firmware decrypt # NEW: Decrypt firmware
nullkia firmware analyze
nullkia firmware diff # NEW: Compare firmware versions
# Security research
nullkia trustzone dump # NEW: TEE extraction
nullkia bootrom dump # NEW: BootROM extraction
nullkia secure-element # NEW: SE research
# Plugin system (NEW)
nullkia plugin list
nullkia plugin install <name>
nullkia plugin create <name>
# Reboot device
nullkia device reboot fastboot
nullkia device reboot recovery
nullkia device reboot edl
nullkia device reboot brom # NEW: MediaTek BROM mode
📱 Supported Manufacturers (18)
Tier 1 — Full Support
| Manufacturer | Devices | Features | |--------------|---------|----------| | Samsung | Galaxy S/Note/A/M/Z series | Knox bypass, ODIN, FRP, EFS dump, Shannon baseband | | Apple | iPhone 4s → iPhone X (A5-A11) | checkm8, DFU, activation bypass, iCloud tools | | Google | Pixel 1-9, Tensor | Titan M research, fastboot unlock, AVB bypass | | OnePlus | All models | MSM unbrick, OxygenOS tools, Engineering mode | | Xiaomi | Mi/Redmi/POCO/Black Shark | Mi Unlock bypass, EDL, MIUI flash, Secure boot |
Tier 2 — Extended Support
| Manufacturer | Devices | Features | |--------------|---------|----------| | Huawei | P/Mate/Nova (pre-2020) | HiSuite, bootloader unlock, Kirin tools | | OPPO | Find/Reno/A series | ColorOS tools, MSM mode, test points | | Vivo | X/V/Y series | Funtouch tools, fastboot, EDL mode | | Realme | GT/Number series | Realme UI tools, deep testing | | Motorola | Edge/G/Razr | Fastboot unlock, RSD Lite | | Nothing | Phone (1)/(2)/(2a) | Fastboot unlock, Nothing OS tools | | ASUS | ROG Phone/ZenFone | APX mode, unlock tools |
Tier 3 — Basic Support
| Manufacturer | Devices | Features | |--------------|---------|----------| | Sony | Xperia series | Fastboot unlock, Emma tools | | LG | Legacy devices | LAF mode, LGUP | | Nokia | Android devices | Fastboot, OST tools | | ZTE | Blade/Axon | MiFavor tools, EDL | | Fairphone | FP3/FP4/FP5 | Fastboot unlock (official) | | TCL | 10/20/30 series | TCL tools, EDL mode |
📡 Baseband Security (NEW in v3.0)
Supported Modems
| Vendor | Chipsets | Capabilities | |--------|----------|--------------| | Qualcomm | SDX55, SDX65, X65, X70 | Firmware dump, diag mode, band lock | | Samsung Shannon | Shannon 5100, 5123, 5300 | EFS dump, IMEI repair, NV extraction | | MediaTek | Dimensity series | BROM exploit, modem dump | | Intel/Apple | XMM 7560, 8160 | Legacy iPhone baseband | | Exynos Modem | Exynos 5G | Research tools |
Baseband Operations
# Dump modem firmware
nullkia baseband dump --output modem.bin
# Samsung Shannon specific
nullkia baseband shannon --extract-nv
nullkia baseband shannon --patch-imei
# Qualcomm diag mode
nullkia baseband qualcomm --diag-enable
nullkia baseband qualcomm --read-efs
# Band manipulation
nullkia cellular bands --lock "1,3,7,20,28"
nullkia cellular bands --unlock-all
# eSIM operations
nullkia cellular esim --dump-euicc
nullkia cellular esim --list-profiles
🔐 Security Research Tools (NEW)
TEE/TrustZone
# Dump TrustZone components
nullkia trustzone dump --output tz_dump/
# Extract secure world binaries
nullkia trustzone extract-ta # Trusted Applications
# Analyze TEE
nullkia trustzone analyze
BootROM
# Dump BootROM (where supported)
nullkia bootrom dump --chipset exynos9825
# Exploit known vulnerabilities
nullkia bootrom exploit --checkm8 # Apple
nullkia bootrom exploit --mtk-brom # MediaTek
Secure Element
# SE research (Titan M, Knox, etc.)
nullkia secure-element info
nullkia secure-element dump-attestation
📂 Project Structure
nullkia/
├── install.sh # Linux/macOS installer
├── install.ps1 # Windows installer
├── get-nullkia.sh # One-line curl installer
├── Dockerfile # Docker support
├── Makefile # Build system
├── INSTALL.md # Installation guide
│
├── samsung/ # Samsung/Knox tools
├── apple/ # iOS/checkm8 tools
├── google/ # Pixel/Titan M tools
├── oneplus/ # OnePlus tools
├── xiaomi/ # Xiaomi/MIUI tools
├── huawei/ # Huawei/EMUI tools
├── oppo/ # OPPO/ColorOS tools (NEW)
├── vivo/ # Vivo/Funtouch tools (NEW)
├── realme/ # Realme tools (NEW)
├── motorola/ # Motorola tools
├── nothing/ # Nothing Phone tools (NEW)
├── asus/ # ASUS ROG tools (NEW)
├── lg/ # LG tools
├── sony/ # Sony tools
├── nokia/ # Nokia tools
├── zte/ # ZTE tools (NEW)
├── fairphone/ # Fairphone tools (NEW)
├── tcl/ # TCL tools (NEW)
│
├── baseband/ # Modem/baseband tools (NEW)
├── cellular/ # 5G/LTE tools (NEW)
├── trustzone/ # TEE research tools (NEW)
├── bootrom/ # BootROM tools (NEW)
├── secure-element/ # SE research (NEW)
│
├── firmware
