Passing safetynet with Magisk v24 and newer

Installing Magisk

Grab the latest version of Magisk from here: https://github.com/topjohnwu/Magisk/releases

Then rename it from Magisk-v24.apk to Magisk-v24.zip. Reboot to recovery and flash it.

Enabling Zygisk and DenyList

Open up the Magisk app and then open its Settings. Scroll down until you find an option that says "Zygisk" and enable it. Right below it should be an option called "Enforce DenyList". Enable that too, as shown in following screenshot.

After that, tap "Configure DenyList", tap the three dots in the top right corner and select "Show System apps". Now search for Google Play Services and Google Play Store and check them.

Reboot your phone afterwards.

Passing basicIntegrity

Just enabling Zygisk and DenyList won't magically fix Safetynet.
Since the Magisk app removed its own Safetynet check in order of MagiskHide's deprecation, we need to use another app for that. Luckily, there is another good Safetynet checker called YASNAC that I will use in this guide.
You can find it here: https://play.google.com/store/apps/details?id=rikka.safetynetchecker&hl=de&gl=US

Running YASNAC's Safetynet test will show you that we are not passing basicIntegrity and CTS.

To fix that, there is a module called "Universal Safetynet fix" that will help us here. It was originally made for newer devices that enforce hardware-backed key attestation, but since MagiskHide was deprecated it implement lots of MagiskHide's functions and helps us pass Safetynet and Play Integrity.

You can find it here: https://github.com/Displax/safetynet-fix/releases

After downloading it, open up the Magisk app, go to Modules and select "Install from storage". Select the module you just downloaded, wait for its installation and reboot.

After reboot, open YASNAC and you'll see that we are now passing basicIntegrity.

Passing CTS

However, as you can see in above screenshot, we are still not passing CTS.

To fix that, we will have to apply a certified fingerprint to our device using the MagiskHidePropsConfig module. Since the Module repository was officially shut down, you now have to download every module manually.

Download the latest version of MagiskHidePropsConf from here: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/releases

As before, go to the Module section of the Magisk app, select "Install from storage" and install MagiskHidePropsConfig. Reboot after the installation is done.

Now download any terminal app from Play Store, for example Termux, as in this guide.

Open Termux and type "su" to get root rights:

After that, type "props":

In the following screen, select "1" to edit the device fingerprint:

After that type "f" to select a certified fingerprint:

Now type "26" to select Samsung:

In the following list select the fingerprint for your phone. If your phone is not on the list, it should be fine using one meant for another device. Alternatively, you can also use fingerprints from any Google Pixel phone.

In the screenshot im selecting "7" which is Galaxy A5 2017:

Now confirm the changes by typing "y".

Wait for it to finish and again type "y" to reboot and apply the changes.

After reboot open YASNAC and you'll see that you are now passing CTS too!