{"id":13498336,"url":"https://github.com/lxdvs/apk2gold","last_synced_at":"2025-03-29T00:34:15.458Z","repository":{"id":6500527,"uuid":"7741034","full_name":"lxdvs/apk2gold","owner":"lxdvs","description":"CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!","archived":false,"fork":false,"pushed_at":"2024-03-05T05:38:51.000Z","size":30621,"stargazers_count":672,"open_issues_count":19,"forks_count":110,"subscribers_count":44,"default_branch":"master","last_synced_at":"2024-10-31T15:38:43.102Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lxdvs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-01-21T21:48:27.000Z","updated_at":"2024-10-27T17:20:27.000Z","dependencies_parsed_at":"2024-07-29T09:30:59.630Z","dependency_job_id":"c8ed50d8-48d4-4f87-bd5f-9713e73f26a7","html_url":"https://github.com/lxdvs/apk2gold","commit_stats":{"total_commits":23,"total_committers":5,"mean_commits":4.6,"dds":0.4347826086956522,"last_synced_commit":"535046a4af74787703cd6f217088679c506ccdc1"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lxdvs%2Fapk2gold","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lxdvs%2Fapk2gold/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lxdvs%2Fapk2gold/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lxdvs%2Fapk2gold/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lxdvs","download_url":"https://codeload.github.com/lxdvs/apk2gold/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246122259,"owners_count":20726822,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T21:00:22.686Z","updated_at":"2025-03-29T00:34:14.408Z","avatar_url":"https://github.com/lxdvs.png","language":"Shell","funding_links":[],"categories":["Reversing","Libs","Shell","Tools"],"sub_categories":["\u003cA NAME=\"Decompiler\"\u003e\u003c/A\u003eSecurity \u0026 Decompiler","Postfix code completion","Decompilers"],"readme":"# Easy-as-pie Android Decompiler\n\n## Why\n### One stop shop\nI got pretty tired of decompiling Android apps with a bunch of steps that I had to remember all the time. It involved a lot of apktool, dex2jar, and jd-gui; it still confuses me.\n\n### Collocation of source files\nFurther, even after these steps were complete (usually a combination of dex2jar and JD-GUI), I would be left with disparate sources of information; the decompiled Java would be over here in this directory, while the un-DEXed content would be somewhere else (Really bad for importing into Eclipse!)\n\nI basically wanted to make this generate a tree and source as close as possible to what the original Android developer sees.\n\n### Regeneration of R.* References\nOne thing that existing decompilers *don't* do is regenerate R references; this tool includes a script that makes an attempt to do this. Which gives you more insight when you're reading source code?  \n`View v = inflater.inflate(217994357, container, false);`  \nor  \n`View v = inflater.inflate(R.layout.result_panel, container, false);`\n\nNow you can easily see and search for what resource is doing what, without needing to file-search R.java for some opaque int.\n\n**Note:** This process relies on guesses and may lead to weird results, because the resource ints were inlined and opaque. You can check out the source code of rreassoc.py to see my matching heuristics and adjust them appropriately.\n\n## What\napk2gold is basically a small amount of original content (the R.* thing) and a script wrapping some excellent 3rd-party tools. It is designed to be easily installed and to get you the best results for Android app introspection as quickly as possible. The project stands on the shoulders of the following giants:\n\n* **[kwart/jd-cmd](https://github.com/kwart/jd-cmd)** no idea if this builds under OSX :( and by extension, **[JD](http://java.decompiler.free.fr/)**\n\n* **[dex2jar](http://code.google.com/p/dex2jar/)**\n\n* **[apktool](http://code.google.com/p/android-apktool/)**\n\n## Installation\n\n### Dependencies\n\nYou'll need python, git (for submodules), mercurial (hg) for the sub-builds, and maven (mvn) for jd-cli. Sorry!\n\n### Installing\nJust run make.sh\n\n## Usage\n\n### Getting the APK\nThere are different ways to acquire an APK, but the easiest is to just download it from the Play Store and use ES File Explorer to back up the APK (ES File Explorer -\u003e \"AppMgr\" tab -\u003e long click on app you want -\u003e backup). The APK is now in the 'backups' directory on your SD card. Now you can just USB it over (I like to email it to myself from ES File Explorer itself). More depth can be found at [this SO post](http://stackoverflow.com/questions/12175904/where-can-i-find-the-apk-file-on-my-device-when-i-download-any-app-and-install).\n\n### Decompiling\nActually using my tool easy as pie! Just use:  \n`apk2gold \u003ctarget\u003e.apk`\n\n### Looking at the result\nThis will create a folder with the APK's name without '.apk' suffix. Everything is in there. There is also an additional directory you may not recognize, `/.smali`, which contains the Smali output from APKTool. It's just kept around for reference, in case JD did something bad. Load it up in Eclipse and have fun!  \nNote that the result will almost certainly not compile; that's not really the goal. We just want to get an idea of whats happening in the source code, check for malicious shit, etc.\n\n## You know what would be cool?\nIt would be real cool to look for sections that JD bailed on decompiling and sub in the Smali code generated by apktool. That would be baller.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flxdvs%2Fapk2gold","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flxdvs%2Fapk2gold","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flxdvs%2Fapk2gold/lists"}