simplify - Generic Android Deobfuscator

•    Java

---

Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what the specific type of obfuscation is used. The code on the left is a decompilation of an obfuscated app, and the code on the right has been deobfuscated.

deobfuscation optimization android reverse-engineering malware-analysis dalvik malware deobfuscator virtual-machine emulator malware-analyzer

androguard - Reverse engineering, Malware and goodware analysis of Android applications

•    Python

---

Androguard is a full python tool to play with Android files. Androguard + tools: Anthony Desnos (desnos at t0t0.fr).

android dalvik reverse-engineering dex

dex-oracle - A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

•    Ruby

---

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Make sure adb is on your path.

reverse-engineering android malware malware-analysis malware-analyzer deobfuscation deobfuscator dex dalvik

redexer - The Redexer binary instrumentation framework for Dalvik bytecode

•    OCaml

---

Redexer is a reengineering tool that manipulates Android app binaries. This tool is able to parse a DEX file into an in-memory data structure; to infer with which parameters the app uses certain permissions (we name this feature RefineDroid); to modify and unparse that data structure to produce an output DEX file (we name these features Dr. Android, which stands for Dalvik Rewriting for Android). This tool is tested under OCaml 4.02.2 and Ruby 1.8.6(7), so you need to install them (or higher versions of them).

dex dynamic-analysis bytecode-manipulation dalvik

PATDroid - A Program Analysis Toolkit for Android

•    Java

---

The master branch is the nightly dev branch, which could diverge greatly from the maven artifacts. Here is a one-sentence description for each package. Find the detailed usage tutorials on our wiki by clicking on the package name to redirect to their wiki pages. Most public APIs are Java-doced. PATDroid requires Java6+. It goes well with Oracle/OpenJDK 1.6, 1.7, Dalvik (Yes, you can run it on a smartphone). Gradle (wrapper) is the default build system. You can import the project to IntelliJ IDEA (File->Import from Gradle Project) and Eclipse (similar).

android dalvik program-analysis bytecode apk

dali - Indie assembler/linker for Dalvik VM .dex & .apk files (Work In Progress)

•    Nim

---

This project has no proper usage guide yet. Please see hellomello for a sample project using it, with step-by-step build instructions. For hacking on the project, see: src/dali.nim, esp. the render function, and the test suite in: tests/tdex.nim.

android dalvik dex nim standalone

hellomello - Experiments with writing Android apps in Nim

•    C++

---

...aaand you should have a hello.apk file now, ready to be installed on an ARM-based Android device. Worked For Me™... In case of problems installing or opening the apk on your device, try running adb logcat (yep, that requires Android Studio... or you could try python-adb). I suggest searching for "InstallInstall" and "InstallFail" messages, verifier/verification messages, and Java-like exception stack traces. You're welcome to post your problems as issues on this repository, but I can't promise I will be able to help you in any way. We can treat them as "observations" or "reports". Maybe someone else will come by and suggest some steps for future experimenters.

android dalvik dex apk standalone hello-world nim jni minimal

dalvik - Dalvik parser in pure Rust.

•    Rust

---

Android Dalvik Dex parser in 100% pure Rust, still in development.

dalvik parser dalvik-parser android dex