[Discussion] Magisk - The Age of Zygisk.

Search This thread


Recognized Contributor
Jan 20, 2018
Samsung Galaxy Tab A series
I have tried every single solution mentioned here in the thread to hide root from this banking app Instapay but unfortunately always detect root despite all other banking apps are working.
I Have Latest Magisk Alpha 24310
Latest Shamiko 0.5.0 (112)
HMA lsposed and magisk module hiding all root request apps and lsposed modules from banking apps
MagiskHide Props Config
Bromite webview replaced Android webview using magisk module
Zygisk on and enforcing denylist off
App runs normally if magisk hide on and zygisk is disabled
Why isn't that the solution? ("magisk hide on and zygisk is disabled"?)


Senior Member
oh and i installed smali patcher. but i heard that doesnt work
Well incompatible modules can cause boot loops... Worth disabling small just in case, but I think you likely have this issue:
Failed to update in recovery patch mode #5673

... Seems Direct install to update isn't working, but that a new patch / flash with Odin works (ie. as a workaround):

The issue is active and marked as a regression, so I'd watch that space... PW


Senior Member
Oct 10, 2016
Screenshot speaks by itself


  • IMG_20220524_175836.jpg
    111 KB · Views: 113


Nov 1, 2007
I've spent a bit more time playing around this and got it to work without using the multi-user fix.

Your suggestion of freezing the magisk app set me on the right track, I installed HideMyAppList on LSPosed created a black list that hides Magisk, Titanium and HideMyAppList and set Enable All Hide Methods.

I then applied that blacklist to the HSBC Apps and restarted my phone (before that it said "Module Activated System service not running"

After this, HSBC no longer detected my phone as rooted.

Tip to test this, install AppList detector and make sure that everything passes. This will allow you to verify that hidemyapplist is working well.

HideMyAppList is a super useful module, unfortunately it seems that development has stopped. Luckily it's open source...
Hi bro, please inform what apps you tick in HMA lsposed?


Senior Member
Jun 12, 2008
OnePlus 9 Pro
Problem... After Momo 4.1.1 found magisk a few days ago, today ESET also found rooted device. Shamiko didn't manage to hide root, also I tried to hide renamed Magisk from ESET with HMA but no success.

PS: I solved the Magisk detection.. After a lot of experiments, I disabled shamiko, enabled forced deny list, reboot, disable force deny list, enable shamiko, reboot and the miracle was done. I guess that shamino was needed a reset..


  • Screenshot_2022-05-26-15-37-26-90_f785a9320d04e2ea379e95ce9e5b4e63.jpg
    390.3 KB · Views: 72
Last edited:


Senior Member
Jan 12, 2011
And hiding by HMA really works also for other purposes like detaching YouTube from Playstore (bcs root Vanced YT requires specific old YT version that must never be updated) and similarly for detaching AndroidAuto (Google allows only navigation and various messages - and only through voice control; if you want to write mails or watch YT or Netflix on the car entertainment screen even when you park the car, you need particular old AA version, because only then custom apps for AA like CarTube, Fermata, Screen2Auto, AAMirror can work - otherwise AA block them).
And (only) HMA turned so far to be reliable option for A12, for properly detaching AA from PlayStore, for the purpose as above
Can you please tell how to hide / detach Youtube from playstore by HMA, thank you, I'm sorry if it's explained elsewhere in the thread but I read this thread from page 68 to the end and have started reading from the start and got your post also here but unable to understand how to do it

Thanks once again for various posts explaining other things in this thread
Last edited:
  • Like
Reactions: J.Michael


Senior Member
Oct 10, 2016
Can you please tell how to hide / detach Youtube from playstore by HMA, thank you, I'm sorry if it's explained elsewhere in the thread but I read this thread from page 68 to the end and have started reading from the start and got your post also here but unable to understand how to do it

Thanks once again for various posts explaining other things in this posts
Check this post in this thread and the links there:


Senior Member
Jan 12, 2011
One additional insight here, when I use Applist Detector (an app from dev of HMA) it says suspicious for "Abnormal Environment" and it raise this for XPrivacyLua - which I do use..But I have hidden it in HMA too for it to be not detected by Applist Detector and other apps. Screenshot attached. Anything to be done here...
what steps should I do so that xposed module are not detected in Applis detector as in your screenshot, I have hidden Applist detector in magisk and rest everything is ok but xposed modules are being detected (SS attached), thank you


  • Applist Detector.png
    Applist Detector.png
    142.4 KB · Views: 65


Senior Member
Dec 3, 2007
what steps should I do so that xposed module are not detected in Applis detector as in your screenshot, I have hidden Applist detector in magisk and rest everything is ok but xposed modules are being detected (SS attached), thank you
I did nothing specific...You may want to select "read applications" for Applist Detector in XprivacyLua

Actually mileage varies across rom for these xposed modules and their settings.

For eg. I am seeing Abnormal Environment whereas it is all good in your case.
  • Like
Reactions: paarkhi

Top Liked Posts

  • 8
    a new safetynet update has been released https://github.com/kdrag0n/safetynet-fix/releases
    thanks to kdrag0n and osm0sis and benjibobs
    Some very interesting news re. apps that use the QUERY_ALL_PACKAGES permission (S PushTAN & many others) FINALLY being pulled into line by Google (from former XDA Editor in chief):
    Mishaal Rahman, Apr 6
    Apps that declare the QUERY_ALL_PACKAGES permission but haven't filled out the relevant permission declaration may be removed from Google Play starting June 1, 2022.

    Reasons / excuses for the delay:

    What it means in practice:
    My guess is that it will depend a lot on Google... Here's hoping... 🙃 PW
    :( can u help me fix it
    What hide methods do you have selected in HMA? You didn't cover that in your screen recording. Also, there's no need to repackage the Magisk app. HMA is being utilized to prevent iMobile from finding the Magisk app.

    This may not be applicable here at all, but it's worth noting that for some apps, incl. Sparkasse PushTAN, neither one method is enough; Magisk's Hide the Magisk app as well as HMA hiding (using the three 'safe' methods, or just Intent queries) must be employed to successfully thwart their (Promon) protection engine.

    This not only looks for known app names and signatures, but uses simple pattern matching on installed apps. Magisk's Hide the app will patch the package name in AndroidManifest.xml, repack it and sign it with a random signature for obfuscation, but the classes.dex with code remains and can be / is used to identify even the stub app.

    Further, at least for S PushTAN, since a recent release mileage seems to vary per device... The above method was working across the board for some time, but it seems that no Xiaomi device users now have success (with latest releases) while OnePlus and other device users can still use this method...

    The above distills the basics from this (very long) issue:

    👀 PW
    Thanks. Don't really understand your answer so what causes this "refactoring" of magiskinit?...
    Just to add the detail, and for anyone interested in what is "a full paradigm shift on how Magisk hot-patch(s) the device at boot":

    Refactoring magiskinit = magiskinit-rewrite... "A significant portion of magiskinit (the critical software that runs before your device boots up) is completely rewritten from scratch..."

    It involves changes in the way Magisk boots (initialises) in 2SI* devices, as well as broader changes in the way sepolicy# rules are patched/loaded (injected).

    * All devices on Android 10+ with the exception (excluding Pixel 3/3a series) of Legacy SAR devices launched with Android 9 (2018-2019).
    # Access control policies for Security-Enhanced Linux.

    • [MagiskInit] Update 2SI implementation, significantly increase device compatibility (e.g. Sony Xperia devices)
    • [MagiskInit] Introduce new sepolicy injection mechanism
    See diffs (changes) here, especially in details.md (Internal Details doc):

    👀 PW
    Further re. refactoring magiskinit (magiskinit-rewrite); It will break Direct Install to update Magisk in 2SI devices...

    I put a lot about this in General Support/Discussion thread...

    Basically, Direct install breaks due to previous Magisk injection method for 2SI devices (involving patching fstab) being incompatible with new Magisk...

    Those facing issues (patching errors, bootloops etc) updating to 25.x (24303+) on 2SI devices need to do a fresh initial installation (patch/fastboot flash an original boot image) of Magisk again, thereby replacing the incompatible fstab-patched image...

    It's a bit more complicated in configurations where disabling verity/verification to boot is still required (a number of custom kernels and possibly ROMs), which will need to be able to boot without Magisk prior to patching going forward...

    Nb. Because verity/verification is no longer disabled 'in most scenarios', AVB (Android Verified Boot) will remain intact. This means a Red state verified boot issue (dm-verity corruption) is avoided which may actually have advantages for root-hiding...

    Of course, since an Orange state verified boot issue (UNLOCKED device) is reported, SafetyNet pass spoofing and, in many cases, other 'root' hiding will still be needed for apps requiring attestation to TEE...

    👀 PW
  • 15
    @ipdev can you add https://github.com/mywalkb/DenylistUnmount to this post, as an open source alternative to Shamiko? Many users are posting positive results with this module.
    I bookmarked it the other day when I ran across the link in a different thread. 🙃
    I added Denylist Unmount to Points of Interest.

    Unfortunately my time has been short lately. 🙁
    Life and sidetracked by other projects.

    I have been meaning to update Post #9 for awhile now.
    Post #9 was to be a catch all post for additional links recommended in the threads.
    I have been trying to figure a good way to format/layout and categorize it.​

    This is my current WIP.
    Still needs to be formatted better. The secondary title needs to be reworded. Add/reword descriptions.
    Other cleanup and format/layout.

    Points of Interest.
    Apps, Links, Modules, Posts and Threads.
    Additional links recommended by the xda family.


    Hide My Applist
    Hide apps or reject app list requests.
    Requires Xposed.​
    Download Links:
    GitHub | PlayStore

    Oprek Root Detector
    Check Devices Health​
    Download Links:

    Magisk Modules

    Denylist Unmount
    Unmount the denylist processes​
    Download Links:

    Systemless Xposed framework.
    Zygisk releases are now included.
    Download Links:

    Add description​
    Download Links:

    xda Posts

    xda Threads


    • Xposed is a framework for modules that can change the behavior of the system and apps without touching any APKs.

    Cheers. :cowboy:
    Anyone here have issue with latest version of Shamiko and some banking apps?
    My Starling app keeps closing itself when I have enabled Shamiko but if I disable it and revert to enforce denylist the app works fine but one of my other apps does not work without shamiko!
    Try using my build, turn off zygisk (optional) and enable MagiskHide.

    About Zygisk: Zygisk is still not perfect for hiding and zygisk leave very obvious traces for some apps such as Livin by Madiri (only work without zygisk). The problem is not "root is not hidden" but "Zygisk is not hidden". Riru has RiruHide to hide itself from scanning /proc/<pid/maps but Zygisk doesn't have hiding method and DenyList doesn't hide zygisk. If you are using LSPosed, recommended to use Riru for now.

    If you apps are still detecting root, try install Riru - MomoHider: https://github.com/HuskyDG/Riru-Momohider/releases/tag/0.0.8-all-configs
    Points of Interest.

    Zygisk releases are now included.
    Download Links:

    Download Links:
    @ipdev can you add https://github.com/mywalkb/DenylistUnmount to this post, as an open source alternative to Shamiko? Many users are posting positive results with this module.
    a new safetynet update has been released https://github.com/kdrag0n/safetynet-fix/releases
    thanks to kdrag0n and osm0sis and benjibobs
    Today I upgraded to Magisk 24, on my device I have also LSPosed.
    In previous version riru and magisk hide was separated, so I could hide root for an app and hook with lsposed, now if I put the app in denylist, lsposed is not working.
    I see many people use shamiko for hide root and continue to use lsposed, but I don't like because it's closed source.
    I found an alternative DenylistUnmount (open source) is not perfect as shamiko but I think is good for many apps. I installed about 30 banking apps and only one detect root with DenylistUnmount but root is detected also with shamiko. So also shamiko is not perfect.
    Has anyone tried this module yet?
  • 117
    This is a discussion and help thread for the newer versions of Magisk.

    The main goal of this thread is to help users migrate to Magisk v24+
    • SafetyNet
      Basic integrity Pass
      CTS profile match Pass
    • Play Protect certification
      Device is certified

    Feel free to discuss or give links to other Magisk related issues.
    Fixes for gPay, banking apps and/or other apps and games that detect a 'compromised' Android system.
    Please try to restrain from discussing alternative (unofficial) Magisk builds that include changes that were removed or can not be included in the official Magisk builds. 🙃

    Please read John's State of Magisk (medium.com)

    Starting with the Magisk 23 (23010) canary builds.
    • MagiskHide is removed.
      MagiskHide masked the sensitive properties of the device to hide it from SafetyNet.
      Renaming (repackaging) the Magisk app is/was not part of MagiskHide.
      You still have the option to Hide the Magisk app under setting.​
    • Magisk Module online Repo is removed.
      The Magisk Module online Repo is still available and can be accessed outside of the Magisk app.​
    • Everything SafetyNet is removed.
      This includes the SafetyNet check that was incorporated into the Magisk app.​
    • Zygisk is introduced.
      Zygote + Magisk = Zygisk​
    • The Deny list replaces the Hide list.
      The Hide list (more or less) hid Magisk from the process on the list.
      The Deny list is similar but instead of hiding Magisk from the process, Magisk is unloaded so there is nothing to hide.​

    Starting with the Magisk 23 (23017) canary builds.
    • Magisk supports update channels per module.
      Each module can include it's own update link.​
    • Hide Magisk offline.
      You do not need internet connection to rename (repackage) the Magisk app.​

    What does this mean?
    Not much.
    It is just the next step in Magisk's development.
    Zygisk is a big step forward. ;)

    Even before these changes in Magisk, the xda family and the Android community have always been active and willing to share. :D

    Jump to Post

    This is post will be updated once Magisk v24 is released.
    The Magic Mask for Android.

    Magisk Links:
    Release Notes

    Download Links:
    Stable and Beta releases.
    • GitHub
      The notes.md file is the change log.
      The app-debug.apk is Magisk canary.
      Click on app-debug.apk and choose View Raw or click on the Download option.​

    All who contribute and support this project.

    MagiskHide Props Config
    This module allows you to add, change and adjust prop values systemlessly using Magisk.​

    MagiskHide Props Config Links:

    Download Links:

    All who contribute and support this project.

    Universal SafetyNet Fix
    It has been a year now since kdrag0n figured out how to 'trick' SafetyNet.
    This 'trick' has been implemented properly into quite a few custom roms.
    For custom roms that do not include it and/or stock roms, he turned it into a module.​

    Universal SafetyNet Fix Links:

    Download Links:

    All who contribute and support this project.

    Fox's Magisk Module Manager
    This app allows you to manage and install Magisk modules.
    Including from an online repo.​

    Fox's Magisk Module Manager Links:

    Download Links:

    All who contribute and support this project.

    YASNAC - Yet Another SafetyNet Attestation Checker
    YASNAC (short for Yet Another SafetyNet Attestation Checker) is an Android app that demonstrates SafetyNet Attestation API.​

    YASNAC Links:

    Download Links:

    All who contribute and support this project.
    Force Basic Attestation

    Newer devices are designed to support hardware attestation.
    Currently there is no way to hide the sensitive device properties when checked using hardware attestation.​

    To get around this, kdrag0n figured out how trick SafetyNet that the device does not support hardware attestation.
    SafetyNet will then fall back to check using basic attestation.

    This method will work for devices that support hardware attestation and devices that do not.
    • Enable Zygisk.
    • Install the USNF module.
    • Reboot

    To keep posts short, the instructions are hid by spoiler tags.
    If you have not installed Magisk.
    Follow the installation link in the Magisk post.​

    Download the Universal SafetyNet Fix module.
    Download link is in the Modules post.​

    1. Enable Zygisk
      • Open the Magisk app.
      • Go to Settings.
      • Scroll down to the Magisk section.
      • Toggle Zygisk on.
      • Go back to the Magisk Home screen.
    2. Go to Modules.
      • Select Install from storage.
      • Navigate to the Universal SafetyNet Fix module zip file and select it.
    3. Reboot.

    The USNF module will adjust the sensitive props that are needed to pass SafetyNet.
    Depending on the device and system (ROM) configuration, you might need to adjust a few more.
    See the Adjust Prop values post.​