Awesome

android-reverse-engineering

<a id="2110ded2aa5637fa933cc674bc33bf21"></a>工具

• [5948星][2m] [Java] google/android-classyshark 分析基于Android/Java的App或游戏
• [4872星][7m] [Java] guardianproject/haven 通过Android应用和设备上的传感器保护自己的个人空间和财产而又不损害
• [4752星][7d] [C++] facebook/redex Android App字节码优化器
• [3578星][24d] [C++] anbox/anbox 在常规GNU / Linux系统上引导完整的Android系统，基于容器
• [1114星][11d] [Java] huangyz0918/androidwm 一个支持不可见数字水印（隐写术）的android图像水印库。
• [873星][2m] [C] 504ensicslabs/lime LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
• [537星][27d] nordicsemiconductor/android-nrf-connect Documentation and issue tracker for nRF Connect for Android.
• [447星][11m] [Kotlin] shadowsocks/kcptun-android kcptun for Android.
• [408星][2m] [CSS] angea/pocorgtfo a "PoC or GTFO" mirror with extra article index, direct links and clean PDFs.
• [404星][1y] [Java] testwhat/smaliex A wrapper to get de-optimized dex from odex/oat/vdex.
• [276星][8m] [Py] micropyramid/forex-python Foreign exchange rates, Bitcoin price index and currency conversion using ratesapi.io
• [253星][3m] [Py] amimo/dcc DCC (Dex-to-C Compiler) is method-based aot compiler that can translate DEX code to C code.
• [206星][2m] [C] derrekr/fastboot3ds A homebrew bootloader for the Nintendo 3DS that is similar to android's fastboot.

<a id="fa49f65b8d3c71b36c6924ce51c2ca0c"></a>HotFix

• [14478星][26d] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
• [3431星][13d] [Java] meituan-dianping/robust Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
• [1111星][5m] [Java] manbanggroup/phantom 唯一零 Hook 稳定占坑类 Android 热更新插件化方案

<a id="ec395c8f974c75963d88a9829af12a90"></a>打包

• [5028星][1m] [Java] meituan-dianping/walle Android Signature V2 Scheme签名下的新一代渠道包打包神器

<a id="767078c52aca04c452c095f49ad73956"></a>收集

<a id="17408290519e1ca7745233afea62c43c"></a>各类App

• [12203星][14d] [Java] signalapp/signal-android A private messenger for Android.

<a id="7f353b27e45b5de6b0e6ac472b02cbf1"></a>Xposed

• [8597星][26d] [Java] android-hacker/virtualxposed A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
• [2470星][6m] taichi-framework/taichi A framework to use Xposed module with or without Root/Unlock bootloader, supportting Android 5.0 ~ 10.0
• [1963星][27d] [Java] elderdrivers/edxposed Elder driver Xposed Framework.
• [1702星][1y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
• [1593星][26d] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
• [1291星][27d] [Java] android-hacker/exposed A library to use Xposed without root or recovery(or modify system image etc..).
• [782星][7m] [Java] blankeer/mdwechat 一个能让微信 Material Design 化的 Xposed 模块
• [633星][21d] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
• [475星][2m] [Java] tornaco/x-apm 应用管理 Xposed
• [321星][1y] [C] smartdone/dexdump 一个用来快速脱一代壳的工具（稍微改下就可以脱类抽取那种壳）（Android）
• [302星][12d] bigsinger/androididchanger Xposed Module for Changing Android Device Info
• [289星][14d] [Java] ganyao114/sandvxposed Xposed environment without root (OS 5.0 - 10.0)
• [213星][1y] [Kotlin] paphonb/androidp-ify [Xposed] Use features introduced in Android P on your O+ Device!
• [201星][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.

<a id="50f63dce18786069de2ec637630ff167"></a>加壳&&脱壳

• [1757星][7m] [C++] wrbug/dumpdex Android脱壳
• [1438星][3m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
• [807星][3m] [C] strazzere/android-unpacker Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
• [691星][1m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
• [356星][2m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
• [313星][5m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages

<a id="596b6cf8fd36bc4c819335f12850a915"></a>HOOK

• [1468星][3m] [C] iqiyi/xhook a PLT (Procedure Linkage Table) hook library for Android native ELF
• [1466星][2m] [C++] jmpews/hookzz a hook framework for arm/arm64/ios/android, and [dev] branch is being refactored.
• [795星][7m] [C++] aslody/whale Hook Framework for Android/IOS/Linux/MacOS
• [524星][6m] [Java] aslody/andhook Android dynamic instrumentation framework
• [344星][7m] [C] turing-technician/fasthook Android ART Hook

<a id="5afa336e229e4c38ad378644c484734a"></a>Emulator&&模拟器

• [1474星][1y] [C++] f1xpl/openauto AndroidAuto headunit emulator
• [518星][7m] [Java] limboemu/limbo Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
  • 重复区段: 模拟器->QEMU->工具->新添加的 |
• [466星][3m] [Java] strazzere/anti-emulator Android Anti-Emulator

<a id="0a668d220ce74e11ed2738c4e3ae3c9e"></a>IDA

<a id="bb9f8e636857320abf0502c19af6c763"></a>Debug&&调试

• [10738星][17d] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
• [6708星][9m] [Java] amitshekhariitbhu/android-debug-database A library for debugging android databases and shared preferences - Make Debugging Great Again

<a id="f975a85510f714ec3cc2551e868e75b8"></a>Malware&&恶意代码

• [422星][4m] [Shell] ashishb/android-malware Collection of android malware samples
• [347星][2m] [Java] droidefense/engine Droidefense: Advance Android Malware Analysis Framework

<a id="1d83ca6d8b02950be10ac8e4b8a2d976"></a>Obfuscate&&混淆

• [3059星][1m] [Java] calebfenton/simplify Generic Android Deobfuscator
• [290星][4m] [C] shadowsocks/simple-obfs-android A simple obfuscating tool for Android

<a id="6d2b758b3269bac7d69a2d2c8b45194c"></a>ReverseEngineering

• [9178星][10d] [Java] ibotpeaches/apktool A tool for reverse engineering Android apk files

• [1967星][26d] [Java] genymobile/gnirehtet Gnirehtet provides reverse tethering for Android

• [577星][2m] [C++] secrary/andromeda Andromeda - Interactive Reverse Engineering Tool for Android Applications

• [437星][7m] maddiestone/androidappre Android App Reverse Engineering Workshop

• [265星][9m] [Dockerfile] cryptax/androidre 用于Android 逆向的 Docker 容器

• [244星][7d] [C++] strazzere/android-scripts Android逆向脚本收集

  • 重复区段: IDA->插件->Android |

• java-decompiler/jd-core https://github.com/java-decompiler/jd-core

java-decompiler/jd-gui: A standalone Java Decompiler GUI https://github.com/java-decompiler/jd-gui

<a id="f0493b259e1169b5ddd269b13cfd30e6"></a>文章&&视频

• 2019.12 [aliyun_xz] Android智能终端系统的安全加固（上）
• 2019.11 [venus_seebug] Android勒索病毒分析（上）

TODO：尚未分类

• lxdvs/apk2gold: CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy! https://github.com/lxdvs/apk2gold

• [1373星][13d] [C] dynamorio/drmemory Memory Debugger for Windows, Linux, Mac, and Android

• [228星][8d] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

• 2018.12 [pediy_new_digest] [原创] Frida操作手册-Android环境准备

• 2018.11 [4hou] 使用FRIDA为Android应用进行脱壳的操作指南

• 2018.11 [pediy_new_digest] [原创]Frida Bypass Android SSL pinning example 1

• [2787星][17d] [Py] androguard/androguard Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

• [244星][7d] [C++] strazzere/android-scripts Android逆向脚本收集