Tools

posted
Category: Tools
Minimum SDK Level: ICS (14 | 4.0.0 - 4.0.2)
Github Information:
0 0 0 0

Automatically copy SMS verification code into the app

1
posted
Category: Tools
Minimum SDK Level: None (1 | 1.0)
Github Information:
0 0 0 0

Android vector icon animation tool

1
posted
Category: Tools
Minimum SDK Level: None (1 | 1.0)
Github Information:
0 0 0 0

A very simple bare-minimum WebSocket client for Android.

0
posted
Category: Tools
Minimum SDK Level: Froyo (8 | 2.2.x)
Github Information:
0 0 0 0

A useful tool for Android Developers, which shows the package name and class name of current activity.

1
posted
Category: Tools
Minimum SDK Level: Gingerbread (9 | 2.3.0 - 2.3.2)
Github Information:
0 0 0 0

An Advanced Compress Image Library for Android

0
posted
Category: Tools
Minimum SDK Level: None (1 | 1.0)
Github Information:
0 0 0 0

Control and manage Android devices from your browser.

3
posted
Category: Tools
Minimum SDK Level: None (1 | 1.0)
Github Information:
0 0 0 0

A fast build system that encourages the creation of small, reusable modules over a variety of platforms and languages.

1
posted
Category: Tools
Minimum SDK Level: Honeycomb (11 | 3.0.x)
Github Information:
0 0 0 0

Simple and powerful MVP library for Android

1
posted
Category: Tools
Minimum SDK Level: Froyo (8 | 2.2.x)
Github Information:
425 57 20 3

jlog is an useful log tool for android developers.

2
posted
Category: Tools
Minimum SDK Level: ICS (14 | 4.0.0 - 4.0.2)
Github Information:
353 74 22 4

Simplify getting user's location for Android

2
apk
posted
Category: Tools
Minimum SDK Level: ICS (14 | 4.0.0 - 4.0.2)
Github Information:
1568 330 70 8

判断指定App是否位于前台的方法

2
apk
posted
Category: Tools
Minimum SDK Level: ICS (14 | 4.0.0 - 4.0.2)
Github Information:
471 74 22 3

Set of useful android network tools

3
apk
posted
Category: Tools
Minimum SDK Level: ICS (15 | 4.0.3 - 4.0.4)
Github Information:
1635 114 68 19

A light but powerful ORM and SQL query generator for Java/Android with RxJava and Java 8 support.

2
apk
posted
Category: Tools
Minimum SDK Level: ICS (14 | 4.0.0 - 4.0.2)
Github Information:
174 34 9 1

This is a helper class actually, it simplifies having a view as rotatable by setting touch events and handling a lot of boilerplate works! So if you need a component that needs to be able to rotate by touch, you do not have to deal with all these stuff.

1
posted
Category: Tools
Minimum SDK Level: Unknown :(
Github Information:
77 26 6 2

apk多渠道打包定制工具

2
apk
posted
Category: Tools
Minimum SDK Level: ICS (15 | 4.0.3 - 4.0.4)
Github Information:
4467 789 185 61

This project aims to provide an ultimate and flexible image cropping experience. Made in Yalantis

10
posted
Category: Tools
Minimum SDK Level: Jelly Bean (16 | 4.1.0 - 4.1.1)
Github Information:
1133 463 78 0

common utils

1
apk
posted
Category: Tools
Minimum SDK Level: None (1 | 1.0)
Github Information:
518 68 25 3

An uncaught exception handler library like Square's LeakCanary.

1
posted
Category: Tools
Minimum SDK Level: Unknown :(
Github Information:
1137 224 82 1

This is an collection of android reverse tools

Chinese

  • apktool:
    • decode resources
    • decode dex to smali
    • rebuild a new apk after changing smali codes
  • dex2jar: dex转为jar工具
    • convert dex to jar file
    • decode to smali rebuild from it
  • jd-gui:

    • decode .class files to java code
    • has plugins for Eclipse, IntelliJ/Android Studio
    • has beautiful gui

  • jadx:

    • decode dex to jar
    • a similar gui with jd-gui

    • without the need to unzip apk first, you can just send a apk to it, can it will do all the stuff for you
  • androguard:

    • use DAD as the decompiler
    • can also configure to use dex2jar + jad to decompile
    • malware and good ware analysis
    • has python api to write custom extensions
    • support visualization
  • enjarfy

    • a reverse tool built by google
    • translate dalvik bytecode to java bytecode
    • compared to dex2jar: > Enjarify correctly handles unicode class names, constants used as multiple types, implicit casts, exception handlers jumping into normal control flow, classes that reference too many constants, very long methods, exception handlers after a catchall handler, and static initial values of the wrong type
  • jeb

    • a buisiness software(although the demo version is free)
    • a powful decompile from bytecode to java, better handling of loop
    • can edit dynamiclly, add tags, rename package names
    • support python api
2
posted
Category: Tools
Minimum SDK Level: Unknown :(
Github Information:
547 369 90 4

DexHunter aims at unpacking hardened dex file automatically.

DexHunter is based on the source code of Android runtime. It is composed of modified ART and DVM runtime. You can use the modified runtime to replace the original content in Android source codes (Android 4.4.3). The modification is mainly in "art/runtime/class_linker.cc" (ART) and "dalvik/vm/native/dalvik_system_DexFile.cpp" (DVM).

Usgae:

If you want to unpack an app, you need to push the "dexname" file to "/data/" in the mobile before starting the app. The first line in "dexname" is the feature string (referring to "slide.pptx"). The second line is the data path of the target app (e.g. "/data/data/com.test.test/"). Its line ending should be in the style of Unix/Linux. You can observe the log using "logcat" to determine whether the unpacking procedure is finished. Once done, the generated "whole.dex" file is the wanted result which is located in the app's data directory.

Tips:

1) DexHunter simply reuses the content before "class_def" section instead of parsing them for the efficiency. If there are some problems, you can parse and reassemble them again or amend them statically.

2) It is worth noting that some "annotation_off" or "debug_info_off" fields may be invalid in the result. These fileds have nothing to do with execution just to hinder decompiling. We do not deal with this situation specifically for the moment. You can just program some scripts to set the invalid fileds with 0x00000000.

3) As is known, some hardening services can protect several methods in the dex file by restoring the instructions just before being executed and wiping them just after finished. So you also need to modify the "DoInvoke" (ART) or "dvmMterp_invokeMethod" (DVM) function to extract the protected instruction while being executed.

4)The feature string may be changed along with the evolution of hardening services.

DexHunter has its own limitation. As the hardening services develop, DexHunter may be not effective in the future. If you are interested, you can amend DexHunter to keep pace with hardening services continuously.

File description:

"slide.pptx" is the presentation material of HITCON 2015 depicting the design and implementation of DexHunter.

"demo.mp4" is the demonstration video of unpacking a hardened app by Ali.

"test.apk" is the sample used in the video.

"dexname" is the configuration file used in the video.

"art" directory is the modified runtime for ART.

"dalvik" directory is the modified runtime for DVM.

If you have any question, please contact me via emails to zyq8709@gmail.com.

If you use this code, please cite the following paper. Thanks!

Yueqian Zhang, Xiapu Luo, and Haoyang Yin, DexHunter: Toward Extracting Hidden Code from Packed Android Applications, Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS), Vienna, Austria, September 2015.

@inproceedings{DexHunter15,
Title = {DexHunter: Toward Extracting Hidden Code from Packed Android Applications},
Author = {Yueqian Zhang and Xiapu Luo and Haoyang Yin},
Booktitle = {Proc. ESORICS},
Year = {2015}}

0