๐ฎUnity
๐จ freeRASP for Unity โ Early Release [6/2025]
Weโre excited to introduce freeRASP for Unity as a new flavor of our runtime protection library. As itโs still fresh, you may encounter some integration issues that need to be ironed out.
Weโd love to hear about your experienceโgood or bad. Please open an issue on GitHub or write us directly at [email protected]. Your feedback helps us make it better!
๐ Prerequisites
The freeRASP has the following prerequisites that must be met before starting:
Unity Editor level: 6 or higher
Minimum SDK level: 23 or higher
๐ฆ Install Plugin
First, you'll need to install freeRASP for Unity. Head over to [Github Unity Plugin Release Link] and download the latest plugin. The plugin file should have a .unitypackage extension.
Next, import the plugin into your Unity project: right-click on Assets โ Import Package โ Custom Package.
Android (freeRASP for Android v15.1.0)
โ๏ธ Set Up the Configuration for Your App
To ensure freeRASP works properly, you need to configure and initialize it with the required settings. All necessary values must be provided for the plugin to function correctly. Detailed explanations of each configuration option are available on the Android API documentation page.
The first step involves obtaining your app's signing certificate hashes in Base64 format. Refer to the provided manual for comprehensive guidance on app signing, which covers both manual signing methods and Google Play's app signing service.
In this guide, we'll create the Game.cs script attached to a GameObject to initialize freeRASP and configure reactions. You can use any other scripts in your business logic that are initiated when the app starts.
To make your Game.cs script run, you need to attach it to a GameObject in your Scene (drag'n'drop the Game.cs onto some object):
Create an empty GameObject in your scene (or select an existing one).
Drag your
Game.csscript from the Project window onto that GameObject in the Hierarchy window or the Inspector window.When you run the scene, the
Start()andUpdate()methods (and others) of yourGame.csscript will be called on that GameObject.
In the Game.cs (or your appโs entry point), import freeRASP and add the following code:
using UnityEngine;
public class Game : MonoBehaviour
{
// Start is called once before the first execution of Update after the MonoBehaviour is created
void Start()
{
bool isProd = true;
string watcherMailAddress = "[email protected]";
// Android related configs
string expectedPackageName = "com.unity.rasp.game";
string[] expectedSigningCertificateHashBase64 = new string[] { "Tmac/QIomCqEGS1jYqy9cMMrqaitVoZLpjXzCMnt55Q=" };
string[] supportedAlternativeStores = new string[] { "com.sec.android.app.samsungapps" };
// initialize talsec
TalsecPlugin.Instance.initAndroidTalsec(expectedPackageName, expectedSigningCertificateHashBase64,
supportedAlternativeStores, watcherMailAddress, isProd);
TalsecPlugin.Instance.setAndroidCallback(this); // set Android callback
}
// Update is called once per frame
void Update()
{
}
}๐ท Handle detected threats
To receive threat notifications, implement the AndroidThreatDetectedCallback interface. It contains multiple methods that are triggered when freeRASP periodically scans the device for security threats. Implement these methods within your game logic or main application class.
// Implementation of IAndroidCallback interface
public void onRootDetected()
{
Debug.Log("Root detected");
}
public void onTamperDetected()
{
Debug.Log("Tamper detected");
}
public void onDebuggerDetected()
{
Debug.Log("Debugger detected");
}
public void onEmulatorDetected()
{
Debug.Log("Emulator detected");
}
public void onObfuscationIssuesDetected()
{
Debug.Log("Obfuscation issues detected");
}
public void onScreenshotDetected()
{
Debug.Log("Screenshot detected");
}
public void onScreenRecordingDetected()
{
Debug.Log("Screen recording detected");
}
public void onUntrustedInstallationSourceDetected()
{
Debug.Log("Untrusted installation source detected");
}
public void onHookDetected()
{
Debug.Log("Hook detected");
}
public void onDeviceBindingDetected()
{
Debug.Log("Device binding detected");
}Add freeRASP Maven Repository
dependencyResolutionManagement {
repositoriesMode.set(RepositoriesMode.PREFER_SETTINGS)
repositories {
google()
mavenCentral()
maven { url 'https://jitpack.io' }
maven { url 'https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp' }
flatDir {
dirs "${project(':unityLibrary').projectDir}/libs"
}
}
}
iOS (freeRASP for iOS v6.11.0)
โ๏ธ Set Up the Configuration for Your App
To ensure freeRASP works properly, you need to configure and initialize it with the required settings. All necessary values must be provided for the plugin to function correctly. Detailed explanations of each configuration option are available on the iOS API documentation page.
To make your Game.cs script run, you need to attach it to a GameObject in your Scene (drag'n'drop the Game.cs onto some object):
Create an empty GameObject in your scene (or select an existing one).
Drag your
Game.csscript from the Project window onto that GameObject in the Hierarchy window or the Inspector window.When you run the scene, the
Start()andUpdate()methods (and others) of yourGame.csscript will be called on that GameObject.
In your appโs entry point, import freeRASP and add the following code:
using System;
using UnityEngine;
using System.Collections;
using System.Collections.Generic;
public class Game : MonoBehaviour
{
// Start is called once before the first execution of Update after the MonoBehaviour is created
void Start()
{
// common configs
bool isProd = true;
string watcherMailAddress = "[email protected]";
// iOS related configs
string[] appBundleIds = new string[] { "com.unity.freeRASP" };
string teamId = "TEAM ID";
// initialize talsec
TalsecPlugin.Instance.initiOSTalsec(appBundleIds, teamId, watcherMailAddress, isProd);
TalsecPlugin.Instance.setiOSCallback(this); // set callback
}
}๐ท Handle detected threats
To receive threat notifications, implement the IOSThreatDetectedCallback interface. It contains multiple methods that are triggered when freeRASP periodically scans the device for security threats. Implement these methods within your game logic or main application class.
// Implementation of IOSThreatDetectedCallback interface
public void signatureDetected() {
Debug.Log("Signature detected");
}
public void jailbreakDetected() {
Debug.Log("Jailbreak detected");
}
public void debuggerDetected() {
Debug.Log("Debugger detected");
}
public void runtimeManipulationDetected() {
Debug.Log("Runtime manipulation detected");
}
public void passcodeDetected() {
Debug.Log("Passcode detected");
}
public void passcodeChangeDetected() {
Debug.Log("Passcode change detected");
}
public void simulatorDetected() {
Debug.Log("Simulator detected");
}
public void missingSecureEnclaveDetected() {
Debug.Log("Unity - Missing secure enclave detected");
}
public void deviceBindingDetected() {
Debug.Log("Device binding detected");
}
public void unofficialStoreDetected() {
Debug.Log("Unofficial store detected");
}
public void systemVPNDetected() {
Debug.Log("System VPN detected");
}
public void screenshotDetected() {
Debug.Log("Screenshot detected");
}
public void screenRecordingDetected() {
Debug.Log("Screen recording detected");
}
public void deviceIDDetected() {
Debug.Log("Device ID detected");
}Add freeRASP
Once you are done with your game in Unity Hub; proceed to export the project. Once exported, open up the project in Xcode and add freeRASP dependency:
From GitHub, Copy Talsec folder into your Application folder.
(select v6.11.0: https://github.com/talsec/Free-RASP-iOS/tree/v6.11.0/Talsec)
Drag & drop the Talsec folder to your .xcworkspace.
Add TalsecRuntime framework to Target > Build Phases > Link Binary With Libraries.
In the General > Frameworks, Libraries, and Embedded Content choose Embed & Sign.
Note: In case you are using Carthage, the zipped version of the framework is included in the GitHub Releases (https://github.com/talsec/Free-RASP-iOS/releases/tag/v6.11.0).
Last updated
Was this helpful?