Getting started with Monitor on Android
An autonomous security agent that lives inside your Android application, with full visibility into runtime state, device integrity, and application behavior.
An autonomous security agent that lives inside your Android application, detecting and responding to threats in real-time with full visibility into device state, runtime behavior, and application integrity.
What is ByteHide Monitor?
Your Android application runs on devices you do not control. Attackers decompile, debug, hook, and manipulate your application directly on hardware they own. Traditional perimeter security cannot help here because there is no perimeter.
ByteHide Monitor is an autonomous security agent that runs inside your application as a parallel process, with full visibility into the runtime environment. It detects reverse engineering attempts, compromised devices, memory dumping, process injection, network tampering, and integrity violations. Because it operates inside the application, it can detect threats that no external tool can see, including zero-day techniques using behavioral analysis rather than signature matching.
Key characteristics:
- Cloud-Managed: Configure protections from the ByteHide dashboard, applied at runtime
- Java and Kotlin: Full support for both languages
- Gradle Integration: Simple dependency setup via Maven repository
- Zero Code Required: Cloud configuration mode requires no code changes
Quick Start
Quick Start
Get Monitor running in under 5 minutes with zero-config cloud setup
Gradle Setup
Add the Maven repository and Gradle dependency to your project
Configuration API
Cloud, JSON, and programmatic configuration options
Protection Modules
13 runtime protections for mobile threat detection
Available Protections
Monitor detects and prevents threats in real-time on Android devices:
| Protection | Description |
|---|---|
| Debugger Detection | Block LLDB, Android Studio Debugger, Frida |
| Root Detection | Detect Magisk, Xposed, SuperSU, and other root tools |
| Emulator Detection | Identify Android Emulator, Genymotion, BlueStacks |
| Tampering Detection | Verify APK signature and code integrity |
| Clock Tampering | Detect system time manipulation |
| Memory Dump Detection | Block GameGuardian, memory scanning tools |
| Virtual Machine Detection | Identify VMware, VirtualBox, QEMU |
| Process Injection | Detect code injection and hooking |
| Network Tampering | Identify MITM proxies (Charles, Burp Suite) |
| License Binding | Validate device-bound licensing |
| Container Detection | Identify containerized environments |
| Remote Desktop | Detect remote control sessions |
| Cloud Metadata | Identify cloud infrastructure execution |
Anomaly Detection is also active by default, learning your app's normal behavior and flagging deviations.
How It Works
- Add the Dependency: Add ByteHide Monitor via Gradle
- Configure Protections: Use cloud dashboard, JSON file, or programmatic API
- Deploy: Monitor activates at runtime and enforces protections
- Monitor: View incidents, devices, and sessions from the cloud panel
Changes made in the dashboard take effect without rebuilding your app.