Reverse engineering and pentesting for Android applications
Simplify is an Android virtual machine sandbox, bytecode execution tracer, and static analysis framework. It serves as a Dalvik bytecode deobfuscator designed to recover readable code from binaries by simulating program behavior without a physical device. The project distinguishes itself by using execution graph analysis to resolve reflection calls and simplify obfuscated code through constant propagation and dead code removal. It employs multi-path execution simulation to track all possible conditional branch outcomes and maps instruction flow to identify constant values. The system covers
Hooker is a toolkit for the dynamic instrumentation, memory analysis, and deobfuscation of Android applications. It functions as a reverse engineering framework that uses Frida to inject scripts into running processes, monitor native calls, and extract executable DEX files. The project provides specialized utilities for bypassing security controls, including tools to disable SSL certificate validation and BoringSSL pinning to enable HTTPS traffic interception. It includes capabilities for detecting application packing, extracting cryptographic keys by hooking encryption algorithms, and circum
Recaf is a suite of specialized tools for assembling, editing, deobfuscating, decompiling, and instrumenting Java bytecode and runtime processes. It provides a coordinated environment for modifying compiled Java class files and analyzing the behavior of Java applications. The project distinguishes itself through a multi-level abstraction layer that allows for editing across different formats and a pluggable framework that routes bytecode through multiple configurable decompilation engines. It includes an embedded scripting engine and plugin architecture to automate repetitive tasks and extend