Anroid 逆向工具

静态分析

JEB - The Interactive Android Decompiler.

GDA - GGJoy Dex Analysizer(GDA)，国内第一款也是唯一一款全交互式反编译器，同时也是世界上最早实现的dalvik字节码反编译器。

IDA - The IDA Disassembler and Debugger is an interactive, programmable, extensible, multi-processor disassembler hosted on Windows, Linux, or Mac OS X. IDA has become the de-facto standard for the analysis of hostile code, vulnerability research and commercial-off-the-shelf validation.

Ghidra - Ghidra is a software reverse engineering (SRE) framework.

jadx - Dex to Java decompiler.

jd-gui - A standalone Java Decompiler GUI.

androguard - Reverse engineering, Malware and goodware analysis of Android applications … and more (ninja !).

ApkTool - A tool for reverse engineering Android Apk Files.

Bytecode-Viewer - A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Dex2Jar - Tools to work with android .dex and java .class files.

Enjarify - Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.

smali/baksmali - An assembler/disassembler for Android’s dex format.

Luyten - An Open Source Java Decompiler Gui for Procyon.

AndroidKiller - Android killer 是一款可视化的安卓应用逆向工具，集Apk反编译、Apk打包、Apk签名，编码互转，ADB通信（应用安装-卸载-运行-设备文件管理）等特色功能于一身，支持logcat日志输出，语法高亮，基于关键字（支持单行代码或多行代码段）项目内搜索，可自定义外部工具；吸收融汇多种工具功能与特点，打造一站式逆向工具操作体验，大大简化了安卓应用/游戏修改过程中各类繁琐工作。

decompiler - A decompiler with multiple backend support, written in Python. Works with IDA and Capstone.

ApkVulCheck - This is a tool to help androidcoder to check the flaws in their projects.

RMS-Runtime-Mobile-Security - Runtime Mobile Security (RMS) is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime.

Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

cutter - Free and Open Source Reverse Engineering Platform powered by radare2.

android-classyshark - Analyze any Android/Java based app or game.

jda - apk、dex、jar 反编译工具。

APKLab - Android Reverse Engineering WorkBench for VS Code.

profiler - 这是一个主要用于逆向工程师用来跟踪java方法调用流程的工具。

TraceReader - About
android小工具，通过读取trace文件，回溯整个整个程序执行调用树。

[reko]{https://github.com/uxmal/reko} - Reko is a binary decompiler.

quark-engine - Malware Scoring System.

ApkAnalyser - ApkAnalyser.

java-disassembler - The Java Disassembler.

super-jadx - Add new features for reverse engineering, such as: renaming of classes, fields, methods, variables, reference graphs and more.

apkstudio - Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.

FlowDroid - FlowDroid Static Data Flow Tracker.

动态调试HOOK

sdbg - Sdbg is a Smali debugger powered by SmaliVM.

frida - Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

Arthas - Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas.

dynarmic - An ARM dynamic recompiler.

Enigma - This is a fork of cuchaz’s engima, a deobfuscation/remapping tool for Java software.

Dobby - a lightweight, multi-platform, multi-architecture hook framework.

ARM64InlineHook - ARM64InlineHook.

objection - objection - runtime mobile exploration.

Android-Inline-Hook - thumb16 thumb32 arm32 inlineHook in Android.

xHook - A PLT hook library for Android native ELF.

FastHook - 一种高效稳定、简洁易用的Android Hook框架，实际项目验证，拥有远超其他同类框架的优异稳定性。

whale - Hook Framework for Android/IOS/Linux/MacOS.

YAHFA - Yet Another Hook Framework for ART.

SandHook - Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 11.0 32/64 bit - Xposed API Compat.

Android_Inline_Hook - Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.

Android_Inline_Hook_ARM64 - Build an .so file to automatically do the android_native_hook work. Supports ARM64 ! With this, tools like Xposed can do android native hook.

ArtHook - Library for hooking on ART.

epic - Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 5.0~11.

Android_InlineHook - Android内联hook框架.

[And64InlineHook]{https://github.com/Rprop/And64InlineHook} - Lightweight ARMv8-A(ARM64, AArch64, Little-Endian) Inline Hook Library for Android C/C++.

StormHook - StormHook is a Android Hook Framework for Dalvik and Art.

fbhookfork - 从 fb 的 profilo 项目里提取出来的hook 库，自己用.

pine - Dynamic java method hook framework on ART.

ChickenHook - A linux / android / MacOS hooking framework.

frida-substrate - substrate framework for android based on frida.

VirtualDynamicAnalysis - A basic android pentest environment to instrument apps without root or repackaging an app.

LSPosed - LSPosed Xposed Framework.

dexcalibur - About
[Official] Android reverse engineering tool focused on dynamic instrumentation automation.

Dwarf - Full featured multi arch/os debugger built on top of PyQt5 and frida.

gdb-frontend - GDBFrontend is an easy, flexible and extensionable gui debugger.

bhook - ByteHook(aka bhook) is a PLT hook framework for Android app.

ezinject - Modular binary injection framework.

脱壳工具

FART - ART环境下自动化脱壳方案。

FUPK3 - FUPK v3, 早期的一个Android半自动脱壳机。

FartDexFix - hanbing大佬fart工具脱壳后dex后修复.

BlackDex - BlackDex

unpacker - unpacker

android_tools - Bash scripts for ROM development stuff.

fans - FANS: Fuzzing Android Native System Services.

profiler - A tool to trace java method dynamically for android application.

magiskboot - ‘magiskboot’ command line application on linux.

其他

android_triage - Bash script to extract data from an Android device.

sslsplit - 透明的 SSL/TLS 拦截.

vdexExtractor - Tool to decompile & extract Android Dex bytecode from Vdex files.

android-simg2img - Tool to convert Android sparse images to raw images.

android-unpackbootimg - Tools to work with Android boot images.

hsu - Hide Magisk and root system-wide to prevent any kinds of detection.

yadb - yadb是一个根据原生yadb不支持的功能做的扩展。

bxxt - 解包，打包 boot.img 工具。

MagiskHidePropsConf - MagiskHidePropsConf.

frida-il2cpp-bridge - A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.

hamibot - Android 平台 JavaScript 自动化工具，无需 root。

android-event-recorder - 一个记录/重放Android平台输入事件的工具，自动化测试会更容易。

xcubebase - 基于xposed的frida持久化方案。

xcubebase_riru - 基于magisk 和riru的frida持久化方案。

Android-Security-Reference - A W.I.P Android Security Ref.

Airtest - 游戏和应用程序的 UI 自动化框架.

py-scrcpy-client - 一个简单易用的python scrcpy客户端。

apk-medit - 无需root和ndk的可调试apk上的内存搜索和补丁工具。

e9patch - 强大的静态二进制重写器.

Android_boot_image_editor - Parsing and re-packing Android boot.img/vbmeta.img, supporting Android 12.

adb_tool - ADB TOOL，提供 adb 管理，android 端 adb 安装，开启远程调试。

kconfig-hardened-check - A tool for checking the security hardening options of the Linux kernel.

androidbinary - Android binary file parser written in golang.

payload_dumper - Android OTA payload .

deoptfuscator - Deobfuscator for Android Application.

arm64-pgtable-tool - Tool for automatically generating MMU and translation table setup code, whether to drag and drop into your own bare metal arm64 projects or to assist you in your own learning.

PC 逆向工具

x64dbg - An open-source x64/x32 debugger for windows.

HyperHide - Hypervisor based anti anti debug plugin for x64dbg.

Themidie - x64dbg plugin to bypass Themida 3.x Anti-Debugger / VM / Monitoring programs checks (x64).

xAnalyzer - xAnalyzer plugin for x64dbg.

RETools - RETools.

rizin - UNIX-like reverse engineering framework and command-line toolset.

demumble - A better c++filt and a better undname.exe, in one binary.

Winshark -

udbg - dynamic binary analysis tools.

edb-debugger - edb is a cross-platform AArch32/x86/x86-64 debugger.

Dependencies - depends.exe 的开源的现代版本。

kaiju - CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite.

VirtualKD-Redux - VirtualKD-Redux - A revival and modernization of VirtualKD.

MalwareLab_VM-Setup - Setup scripts for my Malware Analysis VMs

windbg-cheat-sheet - My personal cheat sheet for using WinDbg for kernel debugging.

windbg-scripts - A bunch of JavaScript extensions for WinDbg.

pharos - 二进制程序的自动化静态分析工具。

VMUnprotect - VMUnprotect 可以动态记录和操作来自虚拟化方法的调用。

reko - Reko is a binary decompiler.

YDArk - X64内核小工具.

Impost3r - Impost3r是一个利用C语言编写,用来窃取linux下各类密码(ssh,su,sudo)的工具。

HyperDbg - HyperDbg Debugger is an open-source, community-driven, hypervisor-assisted, user-mode and kernel-mode Windows debugger with a focus on using modern hardware technologies.

开发工具

抓包工具

BurpSuite - Burp Suite is a leading range of cybersecurity tools, brought to you by PortSwigger. We believe in giving our users a competitive advantage through superior research.

BurpSuitePro-2.1 - 免费的BurpSuitePro版本。

BurpSuite-collections - BurpSuite的插件(非商店),文章以及使用技巧的收集.

qqwry2mmdb - 为 Wireshark 能使用纯真网络 IP 数据库(QQwry)而提供的格式转换工具.

GeoIP-CN -