BETA DarkRide is in active development ahead of public launch. Expect rough edges and breaking changes.
Made with ❤ at themeparks.wiki

Browser-based, AI-enhanced reverse engineering toolkit

Automate real devices. Inspect traffic. Analyse apps. Open source and plugin-extendable.

Get started → View on GitHub ↗

Inspect real device traffic

WireGuard-based HTTPS capture with mitmproxy. No WiFi proxy config needed. Filter, search, save requests, and hook into traffic from automation scripts.

  • WireGuard transparent proxy — no device-side proxy config
  • Per-device TLS profiles including Chrome 120 Android fingerprint
  • Request hooks from automation scripts for real-time interception
  • Save, filter, and search captured traffic
Read about traffic capture →

Write automations in TypeScript

Drive real Android devices with a fully typed DeviceAPI. Monaco editor with autocomplete, session history with screenshots and traffic per run. iOS automation is on the roadmap.

  • Full typed DeviceAPI — click, setText, waitFor, screenshot, httpGet, and more
  • Monaco editor with autocomplete and inline docs
  • Rule system for handling unexpected popups (cookie banners, rate prompts)
  • Session history with screenshots and captured traffic per run
Read the automation guide →

Analyse APKs with AI assistance

Decompile APKs, diff versions, search strings, and let the AI agent navigate the code with 40+ real tools. Native, React Native, Hermes, and Flutter supported.

  • Decompilation + structural diffing between versions
  • Full-text search across decompiled source
  • React Native, Hermes, and Flutter bundle analysis
  • AI agent with 40+ tools — read files, search code, write analysis notes
Read about APK analysis →

The real app

What DarkRide actually looks like today. Click a screenshot to enlarge.

And there's more

Plugin system

Extend every layer. Add protocol decoders, APK analysis tools, AI tools, scheduled jobs, and complete feature sets via 13 extension points. npm workspaces, hot reload in dev.

MCP server

Expose every DarkRide tool to AI agents as MCP tools. Drive your devices straight from your IDE.

Frida integration

Write and run Frida scripts from the browser. Built-in script library with templates for common hooks.

Quick install

git clone https://github.com/DarkRideApp/DarkRide.git
cd DarkRide
npm install
npm run dev
  1. Connect device
  2. Authorise
  3. Go!

See the installation guide for platform-specific setup.

Frequently asked

Where did DarkRide come from?
DarkRide was spawned from work on ThemeParks.wiki — a service that depends on reverse-engineering theme park mobile apps to surface live waiting times and schedules. Over the years a full toolkit of custom scripts, proxies, and analysis tools grew up around that work, and DarkRide is that toolkit, generalised and open-sourced.
Is this legal?
DarkRide is a security research and automation tool. Only use it on devices you own, apps you have permission to analyse, and APIs you are authorised to access. You are responsible for complying with applicable laws and terms of service.
What devices work?
Works best with rooted Android devices — rooting unlocks the full toolkit (automation, HTTPS traffic capture, APK analysis, Frida). iOS has limited support for traffic capture; device automation is on the roadmap.
Why AGPL-3.0?
AGPL-3.0 ensures that improvements and network-service deployments flow back to the community. If the copyleft licence is incompatible with your use case, a commercial licence is available.
Can I use it commercially?
Yes — either under AGPL-3.0 if you can comply with its terms, or via a commercial dual-licence. See COMMERCIAL.md for details.
How do I get support?
GitHub Issues for bug reports, GitHub Discussions for questions, and sponsorship for supporting continued development.