{"id":53981,"url":"https://github.com/user1342/Awesome-Android-Reverse-Engineering","name":"Awesome-Android-Reverse-Engineering","description":"A curated list of awesome Android Reverse Engineering training, resources, and tools.","projects_count":91,"last_synced_at":"2026-06-22T19:00:37.440Z","repository":{"id":152271096,"uuid":"625494227","full_name":"user1342/Awesome-Android-Reverse-Engineering","owner":"user1342","description":"A curated list of awesome Android Reverse Engineering training, resources, and tools.","archived":false,"fork":false,"pushed_at":"2025-07-08T11:52:39.000Z","size":127,"stargazers_count":2219,"open_issues_count":7,"forks_count":227,"subscribers_count":21,"default_branch":"main","last_synced_at":"2026-05-20T11:50:22.485Z","etag":null,"topics":["android","application-security","awesome","awesome-list","crackmes","ctfs","malware-analysis","mobsec","reverse-engineering","tools","training"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/user1342.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"ko_fi":"jamesstevenson"}},"created_at":"2023-04-09T09:34:47.000Z","updated_at":"2026-05-20T09:48:42.000Z","dependencies_parsed_at":"2025-11-13T08:01:05.923Z","dependency_job_id":null,"html_url":"https://github.com/user1342/Awesome-Android-Reverse-Engineering","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":"MarketingPipeline/Awesome-Repo-Template","purl":"pkg:github/user1342/Awesome-Android-Reverse-Engineering","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/user1342%2FAwesome-Android-Reverse-Engineering","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/user1342%2FAwesome-Android-Reverse-Engineering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/user1342%2FAwesome-Android-Reverse-Engineering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/user1342%2FAwesome-Android-Reverse-Engineering/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/user1342","download_url":"https://codeload.github.com/user1342/Awesome-Android-Reverse-Engineering/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/user1342%2FAwesome-Android-Reverse-Engineering/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33964367,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-05T02:00:06.157Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"created_at":"2024-01-16T08:36:17.272Z","updated_at":"2026-06-22T19:00:37.440Z","primary_language":null,"list_of_lists":false,"displayable":true,"categories":["Resources","Tools","CTFs and CrackMes","Obfuscation \u0026 Anti-Reversing","Training","Firmware \u0026 Kernel Analysis","Misc","Licence"],"sub_categories":["Documentation","Dynamic Analysis Tools","Case Studies","Courses and Material","Books","Static Analysis Tools","Decompilers","Videos","Malware Analysis"],"readme":"# Awesome Android Reverse Engineering\n\u003cp align=\"center\"\u003e\n   \u003cimg width=100% src=\"assets/cover.gif\"\u003e\n \u003c/a\u003e\n\u003c/p\u003e\n\n\n\u003cp align=\"center\"\u003e\n \u003cb\u003eA curated list of awesome Android Reverse Engineering training, resources, and tools.\u003c/b\u003e\n\n\n\u003cdiv align=\"center\"\u003e\n\n\n[![Awesome](https://awesome.re/badge.svg)](https://github.com/MarketingPipeline/Awesome-Repo-Template/)\n![GitHub contributors](https://img.shields.io/github/contributors/user1342/Awesome-Android-Reverse-Engineering)\n![GitHub Repo stars](https://img.shields.io/github/stars/user1342/Awesome-Android-Reverse-Engineering?style=social)\n![GitHub watchers](https://img.shields.io/github/watchers/user1342/Awesome-Android-Reverse-Engineering?style=social)\n![GitHub last commit](https://img.shields.io/github/last-commit/user1342/Awesome-Android-Reverse-Engineering)\n\u003cbr\u003e\n\n\u003c/div\u003e\n\n# How to Use\nAwesome-Android-Reverse-Engineering is an amazing list for people who work in taking apart Android applications, systems, or components. Simply press ```ctrl + F``` to search for a keyword, go through our Contents Menu, or lookout for a '☆' indicating some great and up-to-date resources.\n\n# Contents\n- [Training](#training)\n  - [Courses and Material](#courses-and-material)\n  - [Videos](#videos)\n  - [Books](#books)\n- [Tools](#tools)\n  - [Static Analysis Tools](#static-analysis-tools)\n  - [Dynamic Analysis Tools](#dynamic-analysis-tools)\n  - [Decompilers](#decompilers)\n  - [Malware Analysis](#malware-analysis)\n- [Resources](#resources)\n  - [Documentation](#documentation)\n  - [Case Studies](#case-studies)\n- [CTFs and CrackMes](#ctfs-and-crackmes)\n- [Misc](#misc)\n- [Obfuscation \u0026 Anti-Reversing](#obfuscation--anti-reversing)\n- [Firmware \u0026 Kernel Analysis](#firmware--kernel-analysis)\n- [Cloud API \u0026 Web Services Reversing](#cloud-api--web-services-reversing)\n\n## Training\n\n### Courses and Material\n- [☆ Maddie Stone's Android Reverse Engineering Training](https://www.ragingrock.com/AndroidAppRE/) - A comprehensive online training course on Android reverse engineering by Maddie Stone.\n- [Introduction to Assembly from Azeria Labs](https://azeria-labs.com/writing-arm-assembly-part-1/) - Covering everything from data types, registers, the ARM instruction set, memory instructions, and more.\n\n### Videos\n- [Kristina Balaam Android Reverse Engineering](https://www.youtube.com/@chmodxx) - A video series on reverse engineering basics and reverse engineering Android malware.\n- [LaurieWired Android Reverse Engineering videos](https://www.youtube.com/@lauriewired) - A YouTube channel focusing on Android reverse engineering.\n- [Using Frida To Modify Android Games | Mobile Dynamic Instrumentation](https://www.youtube.com/watch?v=BXtAujoPhQw) - Focusing on reverse engineering Android applications and on using Frida to dynamically modify Android games.\n\n### Books\n- [☆ Android Internals: A Confectioner's Cookbook](http://newandroidbook.com/) - An in-depth exploration of the inner-workings of Android.\n- [Blue Fox: Arm Assembly Internals and Reverse Engineering](https://www.amazon.co.uk/dp/1119745306) - Provides a solid foundation in ARM assembly internals.\n- [Android Software Internals Quick Reference](https://www.amazon.co.uk/Android-Software-Internals-Quick-Reference/dp/1484269136) - Techniques in Java and Android system internals.\n- [☆ Mobile Offensive Security Pocket Guide](https://www.amazon.co.uk/Mobile-Offensive-Security-Pocket-Guide/dp/1399921959) - Key information, approaches, and tooling for mobile penetration testers.\n- [Android Security Internals](https://nostarch.com/androidsecurity) - Detailed look into Android security architecture.\n- [Android Malware Detection with Machine Learning](https://nostarch.com/androidmalwaredetection) - Machine learning techniques for detecting malicious apps.\n- [Android Hacker's Handbook](https://www.amazon.com/Android-Hackers-Handbook-Joshua-Drake/dp/111860864X/) - A deep dive into Android exploitation and forensics.\n- [Practical Reverse Engineering](https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/) - Covers low-level reverse engineering concepts, including ARM assembly.\n- [The IDA Pro Book](https://nostarch.com/idapro2.htm) - Essential for advanced IDA Pro techniques.\n\n## Tools\n\n### Static Analysis Tools\n- [QARK](https://github.com/linkedin/qark) - An open-source tool for automatic Android app vulnerability scanning.\n- [Quark Engine](https://github.com/quark-engine/quark-engine) - Integrates various tools as Quark Script APIs for mobile security research.\n- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) - Supports both static and dynamic analysis for Android app security testing.\n- [AndroBugs Framework](https://github.com/AndroBugs/AndroBugs_Framework) - Analyzes and scans Android apps for security issues.\n- [☆ imjtool](http://newandroidbook.com/tools/imjtool.html) - Firmware unpacking tool for various vendors and formats.\n- [Android Studio](https://developer.android.com/studio) - Useful for analyzing decompiled apps via an IDE.\n- [☆ APK Dependency Graph](https://github.com/alexzaitsev/apk-dependency-graph) - Visualizes APK class dependencies.\n- [disarm](http://newandroidbook.com/tools/disarm.html) - Command line utility for parsing ARM-64 instructions.\n- [COVA](https://github.com/secure-software-engineering/COVA) - Computes path constraints based on user-defined APIs.\n- [DIS{integrity}](https://github.com/user1342/DISintegrity) - Analyzes APKs for root, integrity, and tamper detection.\n- [Dexcalibur](https://github.com/FrenchYeti/dexcalibur) - Automated tool for analyzing and instrumenting Android applications.\n\n#### De-Obfuscation\n- [☆ Obfu[DE]scate](https://github.com/user1342/Obfu-DE-Scate) - De-obfuscation tool that uses fuzzy comparison logic.\n- [TinySmaliEmulator](https://github.com/amoulu/TinySmaliEmulator) - Minimalist smali emulator for \"decrypting\" obfuscated strings.\n- [simplify](https://github.com/CalebFenton/simplify) - Android virtual machine and deobfuscator.\n- [deoptfuscator](https://github.com/Gyoonus/deoptfuscator) - Tool for deobfuscating apps using control-flow obfuscation.\n\n### Dynamic Analysis Tools\n- [Drozer](https://github.com/WithSecureLabs/drozer) - Framework for Android security testing with dynamic analysis features.\n- [jtrace](http://newandroidbook.com/tools/jtrace.html) - Similar to strace, but for Android system calls.\n- [sesearch](https://linux.die.net/man/1/sesearch) - Command line tool for querying SELinux policies.\n- [AutoDroid](https://github.com/user1342/AutoDroid) - Mass APK gathering and analysis tool.\n- **Networking:**\n  - [☆ Burp Suite](https://portswigger.net/burp) - Commercial tool for analyzing network traffic of Android apps.\n  - [Wireshark](https://www.wireshark.org/) - Open-source network protocol analyzer.\n  - [SSLsplit](https://github.com/droe/sslsplit) - Intercepts and manipulates SSL/TLS encrypted traffic.\n  - [MITMProxy](https://mitmproxy.org/) - Man-in-the-middle proxy for analyzing network traffic.\n  - [apk-mitm](https://github.com/shroudedcode/apk-mitm) - Prepares APKs for HTTPS inspection.\n- **Dynamic Instrumentation:**\n  - [☆ Frida](https://frida.re/) - Dynamic instrumentation toolkit for runtime manipulation.\n  - **Xposed Framework** - For hooking and modifying app behavior at runtime.\n  - [☆ Objection](https://github.com/sensepost/objection) - Runtime exploration tool to bypass app security controls.\n  - [RMS Runtime Mobile Security](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security) - Frida web interface.\n  - [☆ FriDump](https://github.com/Nightbringer21/fridump) - Uses Frida to dump memory of running apps.\n  - [jnitrace](https://github.com/chame1eon/jnitrace) - Frida-based JNI API tracer.\n  - [☆ Binder Trace](https://github.com/foundryzero/binder-trace) - Intercepts and parses Android Binder messages.\n\n### Decompilers\n- [☆ JADX](https://github.com/skylot/jadx) - Decompiles APKs into Java source code.\n- [Procyon](https://github.com/mstrobel/procyon) - Suite of Java decompilation tools.\n- [Cfr](https://github.com/leibnitz27/cfr) - Supports decompilation of Android APK files.\n- [FernFlower](https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine) - Analytical decompiler for Java.\n- [☆ Apktool](https://ibotpeaches.github.io/Apktool/) - Popular tool for decompiling/recompiling APK files.\n- [DEX2JAR](https://github.com/pxb1988/dex2jar) - Converts DEX files to JAR files.\n- [JDGui](http://java-decompiler.github.io/) - Graphical utility to view Java source from class files.\n- [IDA Pro](https://hex-rays.com/ida-pro/) - Commercial disassembler and debugger.\n- [☆ Ghidra](https://ghidra-sre.org/) - Free and open-source SRE framework.\n- **Additional Decompilers:**\n  - JEB Decompiler - Commercial decompiler for Android apps.\n  - [Radare2](https://rada.re/n/) - Reverse engineering framework with disassembly and debugging.\n  - [Androguard](https://github.com/androguard/androguard) - Analyzes and reverse engineers Android apps.\n  - [apk2gold](https://github.com/lxdvs/apk2gold) - Decompiles Android apps to Java (note: may be outdated).\n  - [AndroidProjectCreator](https://github.com/ThisIsLibra/AndroidProjectCreator) - Converts APKs to Android Studio projects.\n  - [APK Studio](https://github.com/vaibhavpandeyvpz/apkstudio) - Qt-based IDE for reverse-engineering APKs.\n  - [show-java](https://github.com/niranjan94/show-java) - APK, JAR \u0026 Dex decompiler.\n  - [☆ APKLab](https://marketplace.visualstudio.com/items?itemName=Surendrajat.apklab) - VS Code extension integrating multiple tools.\n\n### Malware Analysis \n- [DroidDetective](https://github.com/user1342/DroidDetective) - Machine learning malware analysis for Android apps.\n- [Cuckoo Droid](https://github.com/idanr1986/cuckoodroid-2.0) - Automated Android malware analysis with Cuckoo Sandbox.\n- [androwarn](https://github.com/maaaaz/androwarn) - Static code analyzer for malicious Android applications.\n\n## Resources\n\n### Documentation\n- [Android Security Documentation](https://source.android.com/docs/security) - Official Google documentation on Android security.\n- [Android Reverse Engineering Challenges](https://github.com/apsdehal/awesome-ctf#reverse-engineering) - Curated list of reverse engineering challenges and CTFs.\n- [AndroidXref](http://androidxref.com/) - Open code search for Android source.\n- [APKMirror](https://www.apkmirror.com/) - Repository of APKs from the Play Store and user uploads.\n- [APKPure](https://m.apkpure.com/) - Repository of APKs for testing and research.\n\n### Case Studies\n- [A Reverse Engineer’s Post-mortem Of The Houseparty Video Chat App](https://www.jamesstevenson.me/a-reverse-engineers-post-mortem-of-the-houseparty-video-chat-app/)\n- [SharkBot: a “new” generation Android banking Trojan being distributed on Google Play Store](https://research.nccgroup.com/2022/03/03/sharkbot-a-new-generation-android-banking-trojan-being-distributed-on-google-play-store/)\n- [In-the-Wild Series: Android Exploits](https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-exploits.html)\n\n## CTFs and CrackMes\n- [☆ UnCrackable Mobile Apps](https://github.com/OWASP/owasp-mastg/tree/master/Crackmes) - OWASP Android app CrackMes.\n- [CyberTruckChallenge19](https://github.com/nowsecure/cybertruckchallenge19) - Security workshop material from CyberTruck Challenge 2019.\n- [KGB Messenger](https://github.com/tlamb96/kgb_messenger) - CTF challenge for learning Android reverse engineering.\n- [Flare-On Challenge](https://www.fireeye.com/services/flare-on.html) - High-level reverse engineering CTF with Android challenges.\n- [OverTheWire Narnia](http://overthewire.org/wargames/narnia/) - Not Android-specific but excellent for binary exploitation practice.\n\n## Misc\n- [LADB](https://github.com/tytydraco/LADB) - Local ADB shell for Android.\n- [Broken Droid Factory](https://github.com/user1342/Broken-Droid-Factory) - Generates pseudo-random vulnerable Android apps for training.\n- [uber-apk-signer](https://github.com/patrickfav/uber-apk-signer) - CLI tool for signing and zip aligning APKs.\n- [RUNIC tamper detection demo](https://github.com/user1342/RUNIC) - Demo for understanding Android tamper detection and integrity systems.\n\n## Obfuscation \u0026 Anti-Reversing\n- **Obfuscation Tools:**\n  - [ProGuard](https://www.guardsquare.com/manual/configuration/usage) - Code shrinker, optimizer, and obfuscator.\n  - [R8](https://developer.android.com/studio/build/shrink-code) - Google’s code shrinker and obfuscator.\n  - [DexGuard](https://www.guardsquare.com/dexguard) - Commercial tool for advanced app obfuscation.\n- **Anti-Reversing Techniques:**\n  - [Android Tamper Detection Framework (ATDF)](https://github.com/Fuzion24/AndroidTamperDetection) - Implements tamper detection.\n  - [Paranoid](https://github.com/sundaysec/Paranoid) - Detects root and tampering.\n  - [libhooker](https://github.com/hluwa/libhooker) - Detects hooking frameworks like Frida and Xposed.\n\n## Firmware \u0026 Kernel Analysis\n- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Analyze, extract, and reverse engineer firmware images.\n- [AFLSmart](https://github.com/aflsmart/aflsmart) - Fuzzer optimized for firmware image analysis.\n- [Android Kernel Exploits](https://github.com/saelo/android_kernel_exploitation) - Collection of kernel vulnerabilities and exploit techniques.\n- [FirmWire](https://github.com/FirmWire/FirmWire) - Dynamic analysis platform for baseband firmware.\n\n\n## Contributing\nYour contributions are always welcome! Please read the contribution guidelines first. We follow the Contributor Covenant Code of Conduct, so please review and adhere to it when contributing.\n\n## Licence\n![GitHub](https://img.shields.io/github/license/user1342/Awesome-Android-Reverse-Engineering)  \nThis project is licensed under the MIT License - see the LICENSE.md file for details.\n","projects_url":"https://awesome.ecosyste.ms/api/v1/lists/user1342%2Fawesome-android-reverse-engineering/projects"}