Reverse engineering and penetration testing on Android apps: my own list of tools
This list of tools is really useful both in penetration testing on an Android application and in reverse engineering of a suspicious application.
All tools are OSS and freely available: so, enjoy!
GUI tool for analysis of Android applications.
The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code.
A tool for reverse engineering 3rd party, closed, binary Android apps.
It can decode resources to nearly original form and rebuild them after making some modifications.
A runtime mobile exploration toolkit, powered by Frida.
It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.
Automatically signs an apk with the Android test certificate.
Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, It’s written completely in Java, and it’s open sourced.
Dex to Java decompiler: Command line and GUI tools for produce Java source code from Android Dex and Apk files.
A tool for converting .oat file to .dex files.
FindSecurityBugs is a extension for FindBugs which include security rules for Java applications.
A tool designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.
SUPER is a command-line application, developed in Rust, that can be used in Windows, MacOS X and Linux, that analyzes .apk files in search for vulnerabilities.
Android vulnerability scanner that helps pentesters to find potential security vulnerabilities in Android applications.
Tool for de-obfuscating android package into Classes.dex which can be use Dex2jar and JD-GUI to extract contents of dex file.
Python script to parse through the .smali files produced by apktool and extract the .source annotation lines.
Utility to extract and repack Android backups created with adb backup (ICS+). More info about adb backup here.
Android version of well-known iOS’s Cydia Substrate: it enables developers to make changes to existing software with extensions that are injected in to the target process’s memory.
Xposed framework enables analysts to modify the system or application behaviour at runtime, without modifying any package or re-flashing.
A colorful and highly configurable alternative to the adb logcat command from the Android SDK.
Tool developed for dynamic analysis of Android applications.
By applying hooks to functions of the Android API, Inspeckage will help analysts to track what an Android application is doing at runtime.
The toolkit works using a client-server model and lets you inject in to running processes not just on Android, but also on iOS, Windows and Mac.
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, is designed for helping assess mobile applications by implementing dynamic function hooking and intercepting and intended to make Frida script writing as simple as possible.
AndBug is a debugger targeting the Android platform’s Dalvik virtual machine intended for reverse engineers and developers.
Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues.
Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.
Xposed Module to bypass SSL certificate pinning.
Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).
Blackbox tool to bypass SSL certificate pinning for most applications running on a device.
Patch root checking for commonly known indications of root.
A standalone library project for certificate pinning on Android.
Android debugging tool that can be used for bypassing SSL, even when certificate pinning is implemented, as well as other debugging tasks.