Technique guides¶
wacrg converges findings from seven reverse-engineering techniques into one provenance-tracked spec. Each technique reveals a different slice of the WhatsApp call protocol, and a fact earns higher confidence only when independent techniques corroborate it (see methodology and governance).
This page links to practical how-to guides. The machine-generated catalogue (with
each technique's maturity, target layers, strengths, limitations, and tooling) is
the techniques page, rendered from
spec/techniques/.
Maturity levels¶
| Maturity | Meaning |
|---|---|
established |
Reliable, low-friction, reproducible by most contributors. |
emerging |
Works, but needs setup, a controlled device, or careful interpretation. |
experimental |
High effort/fragility; results need strong corroboration. |
The seven techniques¶
| Technique | Maturity | Best at | Guide |
|---|---|---|---|
| WebSocket / WABinary capture | established | signaling, keying envelope | guide |
| Baileys instrumentation | established | signaling, keying | guide |
| Frida dynamic hooking | emerging | keying, media, transport | guide |
| WhatsApp Web WASM analysis | emerging | signaling, keying, media, transport | guide |
| TLS man-in-the-middle | emerging | signaling context, transport | see catalogue |
| Static smali / native analysis | emerging | vocabulary, intended logic | see catalogue |
| Process memory dump | experimental | keying, media (ground truth) | see catalogue |
Ethics first. Every technique here is for interoperability and research on accounts and devices you own. Never target third parties, never capture real users' data, and only ever commit synthetic or fully sanitized material. See the disclaimer and security policy.
Contributing a technique guide¶
The TLS MITM, static analysis, and memory-dump techniques have catalogue entries but
no full how-to guide yet. These are great good-first-capture-adjacent
contributions. Copy the structure of an existing guide, keep it hedged and ethical,
and link it from the technique's guide: field in spec/techniques/<id>.yaml.