Android (APK)
Emulators
| Tool | Description |
|---|---|
| Android Emulators for Reverse Engineers | Curated resources for Android emulation setups for reverse engineering |
| └── docker-android | Android emulator running in Docker containers for testing and automation |
| └── dock-droid | Docker-based Android environment for emulation and analysis |
Tools
| Tool | Description |
|---|---|
| Objection | Runtime mobile exploration toolkit. |
| Frida | Dynamic instrumentation toolkit for developers, reverse engineers, and security researchers. |
| MobSF | Mobile Security Framework for automated security testing. |
| JadX | Dex to Java decompiler for Android APKs. |
| APKTool | Tool for reverse engineering Android APK files. |
| Android Studio | Official IDE for Android app development. |
| dex2jar | Tool to convert Android DEX files to Java JAR files. |
| jd-gui | Graphical Java decompiler. |
| androguard | Reverse engineering and pentesting for Android applications |
Online
| Tool | Description |
|---|---|
| Online APK Decompiler | Web-based tool for decompiling APK files into readable source code |
| Android APK Decompiler | Online APK decompiler for Android application analysis |
| Joe Sandbox Cloud Basic | Automated malware analysis platform with Android sandboxing support |
Resources
Articles
- Mobile App Pentesting
- Android Dynamic Analysis Encironment - (VERY GOOD !!)
- Android APK Decompile - (VERY, VERY GOOD !!)
- Introduction to Frida
- Android Penetration Testing Frida
- Android Penetration Testing: Frida - Hacking Articles
- 💉 Frida’s Gadget Injection on Android: No Root, 2 Methods
Videos
- Android App Bug Bounty Secrets - YouTube
- LaurieWired - YouTube
- Deconstructing the Android Manifest
- Making a Malicious APK Debuggable with APKLab
- Ghidra Analysis of Android Native Code
- Where’s the native code? (In Android)
- Do This When Your Android Decompiler Fails
- Ghidra Scripting to Speed Up Reverse Engineering
- Hooking Native Android Methods with Frida
- Sniffing Android HTTPS Traffic with Burpsuite
- Unpacking Android APKs with Medusa
- Debugging Android Java Code With JDB
- Hooking Java Methods with Frida
- JADXecute: Dynamic Scripting For JADX
- Beautifying Native Android Code in Ghidra
- Triggering Android Intents
- Translating a Java Method to Native C++ (Android)
- Finding the Entrypoint of iOS Apps in Ghidra
- Writing a custom Android Decryptor in Java
GitHub
- LaurieWired · GitHub
- This contains notes and slides for my talk on Reverse Engineering Android Malware
- A guide to choosing between different Android Emulator options for Reverse Engineers
- Run the Medusa Android framework inside a docker container on x86 or ARM
- Automated Android custom unpacker generator
- The iOS IPA file Reverse Engineering reference
Documentation
Last updated on