Our great sponsors
|3 days ago||9 days ago|
|Apache License 2.0||Apache License 2.0|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Awesome CTF : Top Learning Resource Labs
72 projects | /r/TutorialBoy | 13 Nov 2021
Androguard - Reverse engineer Android applications.
2 projects | /r/nintype | 23 May 2023
Jadx - skylot/jadx: Dex to Java decompiler (github.com) - Used for decompiling the apk - make the code readable
Reverse Engineering the Facebook Messenger API
2 projects | news.ycombinator.com | 8 Apr 2023
Not sure. I started reverse engineering Java apps very early in my life — initially it was J2ME games. Decompilers of the time sucked but that didn't stop me from modding Gravity Defied :P
I honestly don't know what's a good way of getting started on reverse engineering. There's a bunch of everything about Windows executables in particular, including "crackmes", but native machine code is a level up from JVM bytecode. Java classes and Android dex files can be decompiled back to sensible source with a good chance that you get something that can be compiled again. No such luck for native code — C/C++ compilation is a lossy process by its nature, especially the optimizations. Ghidra does a decent job but still requires a non-zero amount of manual assistance. Flash games also were good to hone one's reverse engineering skills since ActionScript decompilers did a pretty darn good job.
Anyway. To decompile dex to Java source, there's jadx: https://github.com/skylot/jadx
Since decompilation is sometimes lossy, there's apktool for when you want to put the app back together after tinkering with it: https://github.com/iBotPeaches/Apktool
It goes without saying that you also need a JDK and the Android SDK. In particular, you need apksigner form the SDK to sign the unsigned apks generated by apktool. You can also automate things a bit and use adb to deploy them to your device.
What I usually do is get a high-level overview of the app in jadx, and then modify the smali (dalvik bytecode in text form, very assembly-like) files generated by apktool.
What Happens When Your Phone Is Spying on You
2 projects | news.ycombinator.com | 15 Mar 2023
A week ago I purchased a bluetooth device that takes some measurements. You require an Android or iOS application. The first thing the iOS app did was request permission for your location. Immediate fired up MITMproxy  running in transparent `--mode wireguard` and installed it's certificate in the iOS trust store. It was sending a whole bunch of data to China and HK. Since I don't have a jailbroken iPhone, it's off to Android.
For BLE scanning, Android does require permissions for location, but this application is using a Chinese branded tracking SDK and sending encrypted (within already encrypted TLS). So it's time to start reversing and instrumenting the runtime.
Well - not so easy, they used a commercial packer that encrypts their compiled bytecode and decrypts and runs it within a C++ library. I managed to bull the Dalvik out of memory using Frida, covert it to java bytecode with dex2jar then into decompiled java with jadx .
Since the developer relied on the packer to hide/obfuscate their software, it's quite easy to follow. The libraries that do the location tracking on the otherhand are obfuscated so now I'm at the stage of identifying where to hook before the encrypted blobs are sent to servers in China.
I've sunk about 8 hours into this so far. The message here is that to understand what some applications on your phone does you need to really invest time and effort. The developers increase the cost to the consumer to know what their application is doing by obfuscation, encryption and packing. It's asymmetric.
Any legit cracking tutorial?
2 projects | /r/ApksApps | 13 Feb 2023
jadx: View the generated Java code for an app. This tool tries to recreate Java code from the smali bytecode, but keep in mind that sometimes it may not work because Java -> Smali conversion is not fully backwards compatible.
Apk.sh is a Bash script that makes reverse engineering Android apps easier
9 projects | news.ycombinator.com | 17 Dec 2022
If you haven't tried Jadx , give it a shot. It's by far the easiest way to reverse Android APKs. I doesn't do patching or reassembly, but I used it for reversing the Delong'hi APK for longshot  and the quality of output was fantastic.
Is Jetpack Compose ready for production development?
12 projects | dev.to | 9 Nov 2022
I've also been doing some sleuthing myself — I want to figure out if there are other companies out there using Jetpack Compose. To do that I downloaded the apk binaries from Spotify, TikTok, Uber Eats, WhatsApp, Reddit and decompile them with jadx.
Consortium led by Smartfin acquires cybersecurity software provider Hex-Rays
9 projects | news.ycombinator.com | 18 Oct 2022
> I'd like to be able to do very basic audits of how programs work and precisely what they're doing, and also modify their behavior in simple ways (change hardcoded servers, change program execution flow, disable or enable certain functionality). Reverse engineering with basic modifications.
The listed books should help with that! I think Practical Malware Analysis really is a good start, even for that. When looking at malware you also try to find important functionality and the book teaches you how to get there quickly.
> I'd also like to have a go at modifying firmware of embedded devices, eg a car head unit with a stupid splash screen on startup that I'd like to disable.
There are probably forums for that, where you can find some info. There's also a nostarch book on car hacking (https://nostarch.com/carhacking) and for embedded (https://nostarch.com/hardwarehacking). I haven't read either, but it might be worth to check out some reviews for it. Maybe they're good and can help you achieve your goals.
The difficulty probably depends on how new the car is. In case you need to actually find a vulnerability in the infotainment system to get proper access, something like Hacking: The Art of Exploitation (https://nostarch.com/hacking2.htm), which I heard many good things about, is probably a good read. But if it's too new it might be too time consuming (see e.g. https://www.youtube.com/watch?v=k_F4wHc4h6k)
> For example I have a camera with wifi functionality, and you can control it from a phone app. It would be cool if I could somehow control that from the command line, or create my own basic app for the PC to control it. On top of that it would be good if I could modify the firmware to make it automatically start up in that remote control mode.
I think getting at least a CLI client could be relatively easy. For that you probably don't even need to reverse a binary using IDA/Ghidra/Binary Ninja. You can try to get the .apk file of the app and decompile it using something like jadx (https://github.com/skylot/jadx/). You'll receive mostly readable Java code. It can try to deobfuscate names, if they're obfuscated. The code you're interested in is probably somewhere under "com.manufacturer...".
How easy it is to modify the firmware once again likely depends on how old or new the camera is. They could, for example, have some integrity checks that keep you from doing that. But I have absolutely zero experience here, so it might as well be really easy. I think there could be forums for this, too.
Also be warned that modifying the firmware of your car or camera can break (parts of) them if things go wrong. E.g. I accidentally (soft) bricked a device because I tried to flash it from within a VM. I don't know how big the risk in your cases is, maybe there isn't any. But it's a good idea to read lots before accidentally breaking something expensive!
Happy I could help you :)
Is there a way to decompile and rebundle an android bundle?
2 projects | /r/androiddev | 29 Sep 2022
If you don't use Proguard then you can use jadx to decompile the APK (download it from APKPURE or any other sideloaded apk website)
Can anyone recommend a good tool to pentest mobile apps?, I have the packages locally. Thanks
2 projects | /r/Pentesting | 18 Jul 2022
I can say only for android: - General Scanner -> https://github.com/MobSF/Mobile-Security-Framework-MobSF - Decompiler -> https://github.com/skylot/jadx
how to modify tiktok app
2 projects | /r/androiddev | 17 Jul 2022
You can also decompile the code to java with https://github.com/skylot/jadx.
What are some alternatives?
Apktool - A tool for reverse engineering Android apk files
android-classyshark - Android and Java bytecode viewer
apk2gold - CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
simplify - Android virtual machine and deobfuscator
backdoor-apk - backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
dexterity - Dex manipulation library
dont-kill-my-app - Android vendors, don't kill my app!
novelai - Novel AI Webview APK
binwalk - Firmware Analysis Tool [Moved to: https://github.com/ReFirmLabs/binwalk]