Android Security & Decompiler Resources

android-security-awesome A collection of android security related resources. Tools Academic/Research/Publications/Books Exploits/Vulnerabilities/Bugs

APKLab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Quark-Engine, Apktool, J

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Using Soot? Let us know about it! We are regularly applying for funding to help us maintain Soot. You can help us immensely by letting us know about p

About smali/baksmali is an assembler/disassembler for the dex format used by dalvik, Android's Java VM implementation. The syntax is loosely based on

ClassyShark Introduction ClassyShark is a standalone binary inspection tool for Android developers. It can reliably browse any Android executable and

Keepass2Android What is Keepass2Android? Keepass2Android is a password manager app. It allows to store and retrieve passwords and other sensitive info

Error Prone Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. public class ShortSet { public

Sentry Enforce security policies. Tiny app to enforce security policies of your device. It can: limit the maximum number of failed password attempts d

Radare2: The Libre Unix-Like Reverse Engineering Framework See the Releases page for downloads. The current git master branch is 5.7.7, next will be 5

This Tool is selected as BlackHat Arsenal USA 2020 What is Deoptfuscator Deoptfuscator is a tool for deobfuscating Android applications that have been

PermissionX is an extension Android library that makes Android runtime permission request extremely easy. You can use it for basic pe

Hide My Applist About this module Although it's bad practice to detect the installation of specific apps, not every app using root provides random pac

This project is an Android Studio plugin version of BlackObfuscator, it supports obfuscating code automatically. More information about this project are in BlackObfuscator.

AESCrypt-Android Simple API to perform AES encryption on Android with no dependancies. This is the Android counterpart to the AESCrypt library Ruby an

FolioReader-Android is an EPUB reader written in Java and Kotlin. Features Custom Fonts Custom Text Size Themes / Day mode / Night mode Text Highlight

JADX jadx - Dex to Java decompiler Command line and GUI tools for producing Java source code from Android Dex and Apk files Main features: decompile D

Burp extension to create target specific and tailored wordlist from burp history.

backdoor-apk backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script shoul

APKLab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Quark-Engine, Apktool, J

Android Tamper Detector A simple library that can help you detect if you app is modded or tampered with. This adds a security level that makes it diff

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Dexter A WIP DEX editor (hence the name Dexter) for Android that uses Smali. Available decompilers JADX Fernflower CFR JD-Core Procyon TO-DO Implement

___ ___ / | \ ____ __ __ ______ ____ / ~ \/ _ \| | \/ ___// __ \ \ Y ( _ )

🔓 Kotlin version of the popular google/easypermissions wrapper library to simplify basic system permissions logic on Android M or higher.

FakerAndroid (FakerAndroid.jar or FakerAndroid-AS) A tool translate a apk file to stantard android project include so hook api and il2cpp c++ scaffold

r0capture 安卓应用层抓包通杀脚本 简介 仅限安卓平台，测试安卓7、8、9、10、11 可用 ； 无视所有证书校验或绑定，不用考虑任何证书的事情； 通杀TCP/IP四层模型中的应用层中的全部协议； 通杀协议包括：Http,WebSocket,Ftp,Xmpp,Imap,Smtp,Protob

Simplify Generic Android Deobfuscator Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it beh

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

crypto A collection of Kotlin Multiplatform Mobile libraries to aid in mobile app development. cryptohash: A set of cryptographic (and not so cryptogr

A program analysis tool to find cryptographic misuse in Java and Android.

Overview A ratcheting forward secrecy protocol that works in synchronous and asynchronous messaging environments. PreKeys This protocol uses a concept

BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

GitHub | Download | Discord Matter Matter is a Paper fork that currently only adds what we call a secure feature seed. Based on Secure Seed mod by Ear

Note: This repository may be out of date. Future development will occur at https://github.com/Storyyeller/enjarify. Introduction Enjarify is a tool fo

Black Obfuscator is an obfuscator for Android APK DexFile, it can help developer to protect source code by control flow flattening, and make it difficult to analyze the actual program control flow.

An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r

Binscure Java bytecode obfuscator created by x4e. Usage First, create a config file, (example config here). When you have a config file, run binscure

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

APG (Android Privacy Guard) APG originally brought email encryption to the Android platform. In recent years the project has fallen asleep, but a lot

PATDroid PATDroid is a collection of tools and data structures for analyzing Android applications and the system itself. We intend to build it as a co

Appdbg - make it possible to run android dex file in original Java Virtual Machine

PentagridScanController Improve automated and semi-automated active scanning for BurpSuite Author: Tobias "floyd" Ospelt, @floyd_ch, http://www.floyd.

A android app for encrypting apk

AndroidHybridCrypto HybridCrypto is simple customizable Android implementation of hybrid cryptography (AES+RSA+Hash) recommended by OWASP. Usage Step

MiHawk MiHawk 🦅 👁️ is simple and secure 🔒 Android Library to store and retrieve pair of key-value data with encryption , internally it use jetpack

Gnu Privacy Guard for Android A port of the whole GnuPG 2.1 suite to Android. If you are using these tools in your own apps, we'd love to hear about i

MIUIDock 一个xposed模块，将MIUI高斯模糊的搜索栏修改成Dock背景 模糊条件 Android 11 以上 build.prop 中 ro.miui.backdrop_sampling_enabled = true 使用前须知 推荐使用LSPosed，请在设置内开启资源钩子 本项目只

Easy-as-pie Android Decompiler Why One stop shop I got pretty tired of decompiling Android apps with a bunch of steps that I had to remember all the t

OpenSSL on the Android platform. --- The code in this directory is based on $OPENSSL_VERSION in the file openssl.version. See patches/README for more

Warden Permission handling in Android can be complicated. It requires boilerplate code to setup the permission request, receive the result and then fo

SigDisplayer Usage Download the release APK or clone the repository and compile yourself. Sign the APK with your preferred keystore. Install and open

A RSA Cipher implementation for Kotlin/Java.