Giters

alphaSeclab / android-security

Android Security Resources.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

androidandroid-debug-bridgeandroid-malwareandroid-securityandroid-vulnapktoolart-hookcsploitdalvik-hookjadxjebmobsf

所有收集类项目

Android

  • Android安全资源收集,初版。600+工具,1500+文章
  • English Version

目录

资源收集

Github Repo

知名分析工具

ClassyShark

工具

文章

jeb

工具

文章

enjarify

工具

  • [2467星][3y] [Py] google/enjarify 将Dalvik字节码转换为对应的Java字节码
  • [516星][5m] [Py] storyyeller/enjarify 将Dalvik字节码转为对应的Java字节码(google Fork版)

文章

androguard

工具

文章

jadx

工具

  • [21172星][1m] [Java] skylot/jadx dex 转 java 的反编译器
  • [89星][2m] [C++] romainthomas/pyjadx Jadx Python Binding
  • [9星][1y] [PHP] vaibhavpandeyvpz/deapk DeAPK is an open-source, online APK decompiler which lets you upload an APK and then decompile it to Smali or Java sources. It is built using Laravel, Vue.js, Bootstrap, FontAwesome, Pusher, Redis, MySQL, apktool, jadx and hosted atop DigitalOcean cloud platform.

文章

jd-gui

工具

文章

dex2jar

工具

  • [7142星][7m] [Java] pxb1988/dex2jar Tools to work with android .dex and java .class files
  • [100星][7m] [Java] dexpatcher/dex2jar Unofficial dex2jar builds
  • [85星][1m] [Py] tp7309/ttdedroid 一键反编译工具One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify/cfr.
  • [68星][5y] [Py] ajinabraham/xenotix-apk-reverser Xenotix APK Reverser is an OpenSource Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core.
  • [60星][7y] [Java] strazzere/dehoser Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header

文章

apktool

工具

文章

virtualapk

工具

  • [7760星][1y] [Java] didi/virtualapk A powerful and lightweight plugin framework for Android

baksmali

工具

文章

cSploit

工具

文章

bytecodeviewer

工具

  • [10890星][4m] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
  • [1123星][2m] [Kotlin] ingokegel/jclasslib jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode.

MobSF

工具

  • [5441星][1m] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
  • [25星][6m] [Shell] soluto/mobsf-ci All that is required to run MobSF in the ci
  • [21星][2m] [Java] mobsf/mobsf-related-materials MobSF related Presentations, Slides and Others.

文章

androl4b

工具

  • [822星][6m] sh4hin/androl4b 用于评估Android应用程序,逆向工程和恶意软件分析的虚拟机

文章

decaf

工具

  • [535星][1m] [C] decaf-project/decaf a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
  • [26星][3m] [Java] decaf-lang/decaf The new Decaf compiler, rewritten in "modern" Java
  • [22星][3m] [Rust] decaf-lang/decaf-rs The Decaf compiler, written in Rust

文章

cuckoo-droid

工具

各类App

ahmyth

工具

文章

工具

Topic

漏洞

工具

文章

恶意代码

工具

文章

取证

工具

  • [395星][2m] [Py] den4uk/andriller a collection of forensic tools for smartphones
  • [255星][1m] [Py] orlikoski/cdqr a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
  • [108星][5y] [Py] mspreitz/adel dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow
  • [108星][3y] projectretroscope/retroscope Public release of the RetroScope Android memory forensics framework
  • [41星][3y] [HTML] scorelab/androphsy An Open Source Mobile Forensics Investigation Tool for Android Platform
  • [26星][4y] [Py] cyberhatcoil/acf Android Connections Forensics
  • [8星][8y] [Py] agnivesh/aft [Deprecated] Android Forensic Toolkit

文章

Hook

XPosed

工具

  • [1763星][2y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
  • [1730星][4m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
  • [708星][1m] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
  • [429星][4y] [Makefile] mindmac/androideagleeye An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
  • [220星][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
  • [169星][2m] [Java] 546669204/wechatbot-xposed A WeChat robot unit ,based on the android xposed framework hook to implement WeChat app robot functions
  • [128星][2y] [Java] bmax121/budhook An Android hook framework written like Xposed,based on YAHFA.
  • [104星][5y] [Java] rednaga/dexhook DexHook is a xposed module for capturing dynamically loaded dex files.
  • [50星][1y] [Py] hrkfdn/deckard Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks

文章

Frida

工具

  • [277星][2y] [Py] antojoseph/frida-android-hooks Lets you hook Method Calls in Frida ( Android )
  • [271星][1m] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
  • [99星][2y] [Java] piasy/fridaandroidtracer A runnable jar that generate Javascript hook script to hook Android classes.
  • [30星][9m] [TS] igio90/frida-onload Frida module to hook module initializations on android
  • [3星][3m] [Py] margular/frida-skeleton This repository is supposed to define infrastructure of frida on hook android including some useful functions

文章

工具

文章

加固&&破解

其他

Dalvik

工具

文章

APK-Xxx

工具

  • [14704星][3m] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
  • [6265星][3m] [Java] droidpluginteam/droidplugin A plugin framework on android,Run any third-party apk without installation, modification or repackage
  • [1879星][1m] [Java] yeriomin/yalpstore Download apks from Google Play Store
  • [1521星][6m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
  • [1329星][1y] [Shell] dana-at-cp/backdoor-apk a shell script that simplifies the process of adding a backdoor to any Android APK file.
  • [1215星][2m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
  • [914星][7y] [Java] sonyxperiadev/apkanalyser ApkAnalyser
  • [745星][2m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
  • [685星][1m] [Batchfile] ufologist/onekey-decompile-apk 一步到位反编译apk工具(onekey decompile apk)
  • [678星][7y] [Java] honeynet/apkinspector APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
  • [589星][4m] [Java] alexzaitsev/apk-dependency-graph Android class dependency visualizer. This tool helps to visualize the current state of the project.
  • [552星][5y] [Shell] lxdvs/apk2gold CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
  • [544星][1y] [Java] jaredrummler/apkparser APK parser for Android
  • [541星][1m] [Java] windysha/xpatch 免Root实现app加载Xposed插件工具。This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.
  • [502星][3m] [TS] shroudedcode/apk-mitm
  • [495星][4m] [Shell] s0md3v/diggy Extract endpoints from apk files.
  • [391星][6m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
  • [376星][2y] [Shell] m4sc3r4n0/evil-droid 创建和生成并嵌入APK Payload,用来渗透android平台
  • [332星][2m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages
  • [304星][2m] [Shell] venshine/decompile-apk APK 反编译
  • [289星][2m] [Py] abhi-r3v0/adhrit Android Security Suite for APK reversing, in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
  • [288星][5m] [Java] appium/sign Sign.jar automatically signs an apk with the Android test certificate.
  • [283星][3y] [Java] fourbrother/icodetools Android中动态自动插入代码到apk中工具
  • [266星][2y] [Java] l-jinbin/apksignaturekiller 一键破解APK签名校验
  • [253星][2y] [Java] godlikewangjun/dexknife-wj apk加固插件 带签名校验、dex加密、资源混淆
  • [230星][4y] [Ruby] strazzere/apkfuscator A generic DEX file obfuscator and munger
  • [196星][2m] [Py] claudiugeorgiu/obfuscapk A black-box obfuscation tool for Android apps
  • [190星][3y] [Py] andy10101/apkdetecter Android Apk查壳工具及源代码
  • [181星][2m] [JS] chenquincy/app-info-parser A javascript parser for parsing .ipa or .apk files. IPA/APK文件 js 解析器
  • [175星][4m] [Java] calebfenton/apkfile Android app analysis and feature extraction library
  • [168星][2y] [Py] certcc/keyfinder A tool for finding and analyzing private (and public) key files, including support for Android APK files.
  • [161星][2y] [Java] iqiyi/dexsplitter Analyze contribution rate of each module to the apk size
  • [149星][2y] [Py] mhelwig/apk-anal Android APK analyzer based on radare2 and others.
  • [148星][2m] [Py] yukiarrr/il2cppspy Unity IL2CPP Disassembler (for apk)
  • [135星][5y] [Java] wanchouchou/apkprotect 通付盾第一代安全加固方案
  • [109星][2m] [Py] quarkslab/legu_unpacker_2019 Scripts to unpack APK protected by Legu
  • [107星][1m] [Py] zsdlove/apkvulcheck This is a tool to help androidcoder to check the flaws in their projects.
  • [107星][7m] [Py] alessandrodd/apk_api_key_extractor Automatically extracts API Keys from APK files
  • [106星][2m] [Py] virb3/apk-utilities A cross-platform suite of scripts and utilities for working with APK files
  • [96星][2y] [Shell] adi1090x/hackapk An Advanced Tool For Complete Apk-Modding In Termux ...
  • [95星][2y] [Shell] jbreed/apkwash Android APK Antivirus evasion for msfvenom generated payloads.
  • [94星][6m] [Py] furniel/apk-changer Command line program for modifying apk files
  • [85星][11m] [C++] kefir500/apk-icon-editor APK editor to easily change APK icons, name and version.
  • [83星][1m] [Py] wulio/coeus Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
  • [81星][1m] [Kotlin] linkedin/dex-test-parser Find all test methods in an Android instrumentation APK
  • [79星][3y] [Ruby] xc0d3rz/metasploit-apk-embed-payload Embed a Metasploit Payload in an Original .Apk File
  • [71星][1m] [Shell] hax4us/apkmod Apkmod can decompile, recompile, sign APK, and bind the payload with any legit APP
  • [69星][3m] [C++] kefir500/apk-editor-studio Powerful yet easy to use APK editor.
  • [65星][3m] [C++] sisong/apkdiffpatch a C++ library and command-line tools for Zip(Jar,Apk) file Diff & Patch; create minimal delta/differential; support Jar sign(apk v1 sign) & apk v2,v3 sign .
  • [62星][11m] [Py] andy10101/apksecurityanalysis ApkSecurityAnalysis
  • [61星][5y] [Py] hamiltoniancycle/classnamedeobfuscator Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
  • [50星][3y] [Shell] osm0sis/apk-patcher Patch APKs on-the-fly from Android recovery (Proof of Concept)
  • [49星][3y] [Py] mothran/apkminer Parallel APK analyzer
  • [49星][2m] [Java] catherine22/classloader Loading apks or classes without reinstalling your app.
  • [48星][3y] [Java] linsea/apkcompare A tool to compare 2 version APKs to find out files change. 比较两个版本的APK以找出文件大小变化的工具
  • [47星][8m] [Py] cryptax/angeapk Encrypting a PNG into an Android application
  • [47星][3y] [Shell] onbiron/apk-resigner A bash script utility for resining Android Package (APK) files.
  • [46星][6y] [Py] funsecurity/apk_binder_script apk binder script
  • [42星][3y] [Shell] jbreed/apkinjector Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.
  • [40星][3y] [Py] h0nus/spynoteshell Simple Python tool for backdooring apks files (with meterpreter or shell of Metasploit)
  • [35星][9m] [Shell] robertohuertasm/apk-decompiler Small Rust utility to decompile Android apks
  • [33星][3y] [Ruby] skulltech/apk-payload-injector POC for injecting Metasploit payloads on arbitrary APKs
  • [32星][1y] [Java] project-artist/dexterous Library and standalone CLI tool for apk/dex merging, repackaging and signing. Can also get used as a dex analyzer framework.
  • [29星][2m] [Java] martinstyk/apkanalyzer Java tool for analyzing Android APK files
  • [29星][3m] [Go] avast/apkparser APK manifest & resources parsing in Golang.
  • [26星][1y] [Ruby] ajitsing/apktojava View android apk as java code in gui
  • [26星][4m] [Java] calebfenton/resequencer Configurable, flexible regex-based APK modification tool.
  • [21星][3y] [Py] kudelskisecurity/check_all_apks Check All APK's -- scripts for checking your phone for malware
  • [20星][5m] [Py] hexabin/apkstat Automated Information Retrieval From APKs For Initial Analysis
  • [20星][3m] [Shell] gzu-liyujiang/apkdecompiler 【Linux系统】上apk反编译助手,已打包为ApkDecompiler.deb,支持debian系linux,如debian、ubuntu、mint、deepin等等
  • [20星][2y] [Go] phinexdaz/ipapk ipa or apk parser written in golang, aims to extract app information
  • [19星][5m] [Go] avast/apkverifier APK Signature verification in Go. Supports scheme v1, v2 and v3 and passes Google apksig's testing suite.
  • [17星][5y] [JS] dweinstein/node-aptoide aptoide app store APK download
  • [15星][10m] [C] magisterquis/pcapknock Watches for trigger packets, runs commands or spawns a shell
  • [14星][4y] [Py] ryanwsmith/apkinspector
  • [14星][2y] [Py] fourspaces/reverse_lianjia_wxapkg 逆向链家微信小程序,解析 请求的加密方式获取数据
  • [13星][3y] [Scala] fschrofner/glassdoor glassdoor is a modern, autonomous security framework for Android APKs. POC, unmaintained unfortunately.
  • [13星][2m] [Java] iamyours/apkcrack A tool that make your apk debuggable for Charles/Fiddler in Android 7.0
  • [12星][6y] [Ruby] nvisium/ruby_apk_unpack Ruby Gem to Unpack APK(s)
  • [12星][2m] [JS] shahidcodes/android-nougat-ssl-intercept It decompiles target apk and adds security exception to accept all certificates thus making able to work with Burp/Charles and Other Tools
  • [12星][2m] [Java] orhun/apkservinject Tool for injecting (smali) services to APK files
  • [11星][8m] [Ruby] fuzion24/webapkcrawler Uses Google to search for .apks hosted on websites and downloads them
  • [9星][3y] [Py] voider1/a2scomp A tool to make it easier to change the SMALI of an APK
  • [8星][3y] [Shell] manofftoday/venomdroid3 Script that easily creates, signs and AV bypass .apk metasploit reverse_tcp payload.
  • [7星][3y] [Ruby] strazzere/ewmami A gem will allow you to query the Google Play APK Verification (AntiMalware) service
  • [6星][1y] as0ler/android-examples APK's used as example Apps for decompiling
  • [4星][1m] [Py] technowlogy-pushpender/apkinfector Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
  • [3星][4m] [Shell] deadport/apkill Pentest script for Aircrack-ng on debianesque systems that makes deauthing clients and catching handshakes of WiFi simple and fast.
  • [3星][12m] [Visual Basic .NET] pericena/apkcpd Compilar aplicaciones apk
  • [3星][11m] [Visual Basic .NET] pericena/apkdcx Los programas nos ayudara a poder descomprimir o descompilar las aplicaciones que son desarrollada en Android, con la extensión”.apk “para poder modificar el código y mejorar la aplicación.
  • [2星][1y] [Py] thor509/apk_digger
  • [1星][1y] [Py] b11001010/koodous-report-downloader Get apk's analysis report from
  • [1星][6y] huyle333/androidmitllctf2013 BUILDS Team 2 Android code from the MIT LL CTF 2013 for future reference. A list of APK files with different functions.
  • [0星][5y] [C++] raziel23x/apk-gamers-side-shooter

ADB

工具

  • [607星][5m] [Py] ashishb/adb-enhanced
  • [585星][1m] [Py] metachar/phonesploit Using open Adb ports we can exploit a Andriod Device
  • [561星][2m] [Shell] corbindavenport/nexus-tools Bash script for quickly installing ADB and Fastboot on macOS and Linux.
  • [470星][7y] [Shell] kosborn/p2p-adb Phone to Phone Android Debug Bridge - A project for "debugging" phones... from other phones.
  • [401星][1m] [Java] rikkaapps/shizuku Help normal apps using system APIs directly with adb/root privileges through a Java process started with app_process.
  • [258星][2m] [Shell] 4ch12dy/xadb some useful adb commands for android reversing and debugging both 32 and 64 bit and support macOS and win10's MINGW64.
  • [242星][1y] [Py] tiann/super-adb Enhance the adb shell using busybox, supporting vi、grep and awk etc. No need root.
  • [206星][3y] [Java] cgutman/adblib A Java library implementation of the ADB network protocol
  • [206星][2y] [C#] labo89/adbgui Wrapper for Android Debug Bridge (ADB) written in C#
  • [148星][1m] [Shell] izzysoft/adebar Android DEvice Backup And Report, using Bash and ADB
  • [125星][8m] [Ruby] mttkay/replicant A REPL for the Android Debug Bridge (ADB)
  • [122星][5y] irsl/adb-backup-apk-injection Android ADB backup APK Injection POC
  • [104星][4m] [Py] huuck/adbhoney Low interaction honeypot designed for Android Debug Bridge over TCP/IP
  • [103星][1m] [JS] webadb/webadb.js ADB host implementation based on WebUSB
  • [92星][2m] [Java] rikkaapps/wadb A simple switch for adb (Android Debug Bridge) over network.
  • [88星][3m] [Java] patrickfav/uber-adb-tools A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go. Written in Java so it should run on your platform.
  • [41星][5y] [Py] techbliss/adb_helper_qt_super_version All You Need For Ida Pro And Android Debugging
  • [39星][3y] [JS] naman14/gnome-android-tool Gnome shell extension for adb tools
  • [33星][1m] [Py] entynetproject/ghost Ghost Framework is an Android post exploitation framework that uses an Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
  • [28星][7m] [Go] cs8425/go-adbbot android bot based on adb and golang
  • [14星][1m] [Shell] ashwin990/adb-toolkit ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
  • [8星][3m] [Lua] wazehell/remote-adb-scan pure python remote adb scanner + nmap scan module
  • [3星][3y] prashantmi/android-h Android Hacker is a software based on ADB (Android Debug Bridge) and can compromise any "Android Device"

文章

IDA Pro

工具

文章

Frida

工具

文章

工具

文章

贡献

内容为系统自动导出, 有任何问题请提issue

About

Android Security Resources.

androidandroid-debug-bridgeandroid-malwareandroid-securityandroid-vulnapktoolart-hookcsploitdalvik-hookjadxjebmobsf