airkjw/android-reverse-engineering-skill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5ec451e3520c9c3d0b1ad2dc6cf8c0f596744654
android-reverse-engineering…/README.md
T
Simone Avogadro 5ec451e352 commit iniziale
2026-02-02 16:18:11 +01:00

142 lines
5.2 KiB
Markdown
Raw Blame History

# Android Reverse Engineering — Claude Code Plugin
A Claude Code plugin for decompiling Android APK/XAPK/JAR/AAR files with jadx, tracing call flows through application code, and documenting extracted APIs.
## What it does
- **Decompiles** APK, XAPK, JAR, and AAR files using jadx and Fernflower/Vineflower (single engine or side-by-side comparison)
- **Analyzes** app structure: manifest, packages, architecture patterns
- **Traces call flows** from Activities/Fragments through ViewModels and repositories down to HTTP calls
- **Extracts and documents APIs**: Retrofit endpoints, OkHttp calls, hardcoded URLs, auth patterns
- **Handles obfuscated code**: strategies for navigating ProGuard/R8 output
## Requirements
**Required:**
- Java JDK 17+
- [jadx](https://github.com/skylot/jadx) (CLI)
**Optional (recommended):**
- [Vineflower](https://github.com/Vineflower/vineflower) or [Fernflower](https://github.com/JetBrains/fernflower) — better output on complex Java code
- [dex2jar](https://github.com/pxb1988/dex2jar) — needed to use Fernflower on APK/DEX files
See `plugins/android-reverse-engineering/skills/android-reverse-engineering/references/setup-guide.md` for detailed installation instructions.
## Installation
### From GitHub (recommended)
Inside Claude Code, run:
```
/plugin marketplace add simonea/android-reverse-engineering-skill
/plugin install android-reverse-engineering@android-reverse-engineering-skill
```
The plugin will be permanently available in all future sessions.
### From a local clone
```bash
git clone https://github.com/simonea/android-reverse-engineering-skill.git
```
Then in Claude Code:
```
/plugin marketplace add /path/to/android-reverse-engineering-skill
/plugin install android-reverse-engineering@android-reverse-engineering-skill
```
## Usage
### Slash command
```
/decompile path/to/app.apk
```
This runs the full workflow: dependency check, decompilation, and initial structure analysis.
### Natural language
The skill activates on phrases like:
- "Decompile this APK"
- "Reverse engineer this Android app"
- "Extract API endpoints from this app"
- "Follow the call flow from LoginActivity"
- "Analyze this AAR library"
### Manual scripts
The scripts can also be used standalone:
```bash
# Check dependencies
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/check-deps.sh
# Install a missing dependency (auto-detects OS and package manager)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh jadx
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh vineflower
# Decompile APK with jadx (default)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app.apk
# Decompile XAPK (auto-extracts and decompiles each APK inside)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app-bundle.xapk
# Decompile with Fernflower
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine fernflower library.jar
# Run both engines and compare
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine both --deobf app.apk
# Find API calls
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --retrofit
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --urls
```
## Repository Structure
```
android-reverse-engineering-skill/
├── .claude-plugin/
│ └── marketplace.json # Marketplace catalog
├── plugins/
│ └── android-reverse-engineering/
│ ├── .claude-plugin/
│ │ └── plugin.json # Plugin manifest
│ ├── skills/
│ │ └── android-reverse-engineering/
│ │ ├── SKILL.md # Core workflow (5 phases)
│ │ ├── references/
│ │ │ ├── setup-guide.md
│ │ │ ├── jadx-usage.md
│ │ │ ├── fernflower-usage.md
│ │ │ ├── api-extraction-patterns.md
│ │ │ └── call-flow-analysis.md
│ │ └── scripts/
│ │ ├── check-deps.sh
│ │ ├── install-dep.sh
│ │ ├── decompile.sh
│ │ └── find-api-calls.sh
│ └── commands/
│ └── decompile.md # /decompile slash command
├── LICENSE
└── README.md
```
## References
- [jadx — Dex to Java decompiler](https://github.com/skylot/jadx)
- [Fernflower — JetBrains analytical decompiler](https://github.com/JetBrains/fernflower)
- [Vineflower — Fernflower community fork](https://github.com/Vineflower/vineflower)
- [dex2jar — DEX to JAR converter](https://github.com/pxb1988/dex2jar)
- [apktool — Android resource decoder](https://apktool.org/)
## License
Apache 2.0 — see [LICENSE](LICENSE)
Reference in New Issue View Git Blame Copy Permalink