airkjw/android-reverse-engineering-skill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fc9a7223596626b59b6f67c280adc437f11e2f64
android-reverse-engineering…/README.md
T
Simone Avogadro 5ec451e352 commit iniziale
2026-02-02 16:18:11 +01:00

5.2 KiB
Raw Blame History

Android Reverse Engineering — Claude Code Plugin

A Claude Code plugin for decompiling Android APK/XAPK/JAR/AAR files with jadx, tracing call flows through application code, and documenting extracted APIs.

What it does

  • Decompiles APK, XAPK, JAR, and AAR files using jadx and Fernflower/Vineflower (single engine or side-by-side comparison)
  • Analyzes app structure: manifest, packages, architecture patterns
  • Traces call flows from Activities/Fragments through ViewModels and repositories down to HTTP calls
  • Extracts and documents APIs: Retrofit endpoints, OkHttp calls, hardcoded URLs, auth patterns
  • Handles obfuscated code: strategies for navigating ProGuard/R8 output

Requirements

Required:

  • Java JDK 17+
  • jadx (CLI)

Optional (recommended):

See plugins/android-reverse-engineering/skills/android-reverse-engineering/references/setup-guide.md for detailed installation instructions.

Installation

From GitHub (recommended)

Inside Claude Code, run:

/plugin marketplace add simonea/android-reverse-engineering-skill
/plugin install android-reverse-engineering@android-reverse-engineering-skill

The plugin will be permanently available in all future sessions.

From a local clone

git clone https://github.com/simonea/android-reverse-engineering-skill.git

Then in Claude Code:

/plugin marketplace add /path/to/android-reverse-engineering-skill
/plugin install android-reverse-engineering@android-reverse-engineering-skill

Usage

Slash command

/decompile path/to/app.apk

This runs the full workflow: dependency check, decompilation, and initial structure analysis.

Natural language

The skill activates on phrases like:

  • "Decompile this APK"
  • "Reverse engineer this Android app"
  • "Extract API endpoints from this app"
  • "Follow the call flow from LoginActivity"
  • "Analyze this AAR library"

Manual scripts

The scripts can also be used standalone:

# Check dependencies
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/check-deps.sh

# Install a missing dependency (auto-detects OS and package manager)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh jadx
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh vineflower

# Decompile APK with jadx (default)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app.apk

# Decompile XAPK (auto-extracts and decompiles each APK inside)
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app-bundle.xapk

# Decompile with Fernflower
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine fernflower library.jar

# Run both engines and compare
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine both --deobf app.apk

# Find API calls
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --retrofit
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --urls

Repository Structure

android-reverse-engineering-skill/
├── .claude-plugin/
│   └── marketplace.json                    # Marketplace catalog
├── plugins/
│   └── android-reverse-engineering/
│       ├── .claude-plugin/
│       │   └── plugin.json                 # Plugin manifest
│       ├── skills/
│       │   └── android-reverse-engineering/
│       │       ├── SKILL.md                # Core workflow (5 phases)
│       │       ├── references/
│       │       │   ├── setup-guide.md
│       │       │   ├── jadx-usage.md
│       │       │   ├── fernflower-usage.md
│       │       │   ├── api-extraction-patterns.md
│       │       │   └── call-flow-analysis.md
│       │       └── scripts/
│       │           ├── check-deps.sh
│       │           ├── install-dep.sh
│       │           ├── decompile.sh
│       │           └── find-api-calls.sh
│       └── commands/
│           └── decompile.md                # /decompile slash command
├── LICENSE
└── README.md

References

License

Apache 2.0 — see LICENSE

Reference in New Issue View Git Blame Copy Permalink