# App Tampering detection Every application can be easily modified and then resigned by an attacker. This process is known as application repackaging. There may be many reasons for application repackaging, whether it's adding new code, removing app protections, or bypassing app licensing. A modified/tampered application is often distributed using third-party stores or other side channels. Talsec uses various checks to detect whether the application was tampered (e.g., changed package name, signing hash). {% hint style="warning" %} Make sure that you have integrated Talsec correctly (e.g., signing certificate hash). Otherwise, this check might be triggered very often. {% endhint %} Below are code snippets demonstrating app tampering detection across various platforms: ```dart // Android tampering override fun onTamperDetected() { TODO("Not yet implemented") } // iOS signature case signature // Flutter tampering and signature detection onAppIntegrity: () => print("App integrity") // Cordova tampering and signature detection appIntegrity: () => { // Place your reaction here } // React Native tampering and signature detection appIntegrity: () => { // Place your reaction here } // Capacitor tampering and signature detection appIntegrity: () => { // Place your reaction here } ``` {% hint style="info" %} **Recommended action:** Kill the application. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.talsec.app/freerasp/freerasp/wiki/threat-detection/app-tampering-detection.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.