When the original Hide My Applist project went closed-source, the Android root community needed an open alternative. HMA-OSS (Hide My Ass — Open Source Software), created by frknkrc44, answers that call. Forked from the last open-source commit of Hide My Applist and licensed under AGPL-3.0, this LSPosed module goes far beyond its predecessor — hiding your installed app list, spoofing installation sources, protecting system settings, and offering granular per-app control to keep your rooted device undetected.
Core Privacy Capabilities
Explore the advanced hiding and spoofing mechanisms that make HMA-OSS the go-to privacy module for rooted Android devices.
App List Hiding
Intercepts app list queries at the Android system framework level. Configure per-app rules using blacklist or whitelist mode to precisely control which installed packages are visible to any given target application.
Installation Source Spoofing
Spoofs the installation source of both user and system apps, making sideloaded APKs appear as if they were installed from the Google Play Store — bypassing UNKNOWN_INSTALLED status checks used by security-sensitive apps.
Activity Launch Protection
Blocks detector apps (such as Disclosure and Native Detector) from launching activities via component names to scan your installed app list. Enabled by default with per-app toggle control for fine-grained protection.
Settings Presets & Templates
Hide entire categories of Android settings from target apps — including Accessibility, Developer Options, and Input Method settings — using ready-made presets or fully custom templates, more flexible than SettingsFirewall.
Bulk Config Wizard
Apply a hiding configuration to multiple apps at once using the built-in Bulk Config Wizard. Stop configuring each target app one by one — set it up once and propagate the rules across all selected applications instantly.
Work Profile Support
Manage app hiding configurations for Work Profiles and Private Space from the main profile. HMA-OSS extends its protection across all user spaces on your device without requiring a separate install per profile.
How Does HMA-OSS Work?
HMA-OSS hooks into the Android System Framework via the LSPosed Xposed API — not into individual app processes. This architectural choice is deliberate: hooking apps directly would create detectable memory space modifications, which is itself a detection vector. By operating exclusively at the system framework level, HMA-OSS intercepts package manager calls before they ever reach the requesting app.
When a banking app or game calls PackageManager.getInstalledPackages() or a similar API, HMA-OSS intercepts that call and returns a filtered list based on your per-app configuration. The target app receives a response that appears completely legitimate — it simply does not see the packages you have chosen to hide.
Additionally, HMA-OSS includes Propless Isolation — a technique that enables Android's appdata and vold isolation mechanisms without requiring prop modifications (which are themselves detectable). The Risky Package Protection feature also automatically skips hiding specific packages from Google Play Services when doing so would cause crashes, preventing common compatibility issues automatically.
HMA-OSS vs Hide My Applist
HMA-OSS is a direct fork of the original Hide My Applist (HMA) by Dr-TSNG, which went closed-source. Here is what sets HMA-OSS apart:
| Feature | Hide My Applist | HMA-OSS |
|---|---|---|
| Open Source (AGPL-3.0) | ||
| Activity Launch Protection | ||
| Installation Source Spoofing | ||
| Settings Presets & Templates | ||
| Bulk Config Wizard | ||
| Work Profile / Private Space | ||
| Propless Isolation | ||
| Risky Package Protection |