30 open-source projects similar to google/dexmod, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Dexmod alternative.
WIP Simple mobile applications sandbox file browser tool. Powered with frida.re.
Reverse engineering and pentesting for Android applications
Angr is a binary analysis framework and static analysis tool used for reverse engineering compiled binaries. It serves as a binary decompiler and a lifting platform that translates machine code into a common intermediate representation to enable cross-architecture analysis. The framework integrates a symbolic execution engine and constraint solvers to determine the inputs required to reach specific program states. It also employs untrusted code sandboxing to isolate guest code from the host environment during analysis. Its capabilities cover control flow and data flow analysis, including the
Android Reverse-Engineering Workbench for VS Code
Android Framework for Exploitation, is a framework for exploiting android based devices
RetDec is a reverse engineering framework and static binary analysis tool. Its primary purpose is to function as an LLVM-based machine code decompiler that translates binary machine code from multiple architectures into high-level C source code. The system employs a multi-stage lifting pipeline to recover program logic, using an intermediate representation to apply optimizations before emitting source code. It distinguishes itself through the ability to identify compilers and packers, perform executable unpacking, and reconstruct class hierarchies and original program structures. The framewo
PhoneSploit-Pro is an Android exploitation and remote administration toolkit. It provides a system for remotely controlling Android devices and extracting data using the Android Debug Bridge protocol. The project integrates with Metasploit to automate the creation and installation of payloads, establishing persistent command-and-control sessions. It also includes a network device scanner to identify active Android hosts on local networks by probing TCP ports. The toolkit covers a broad range of administrative and forensic capabilities, including remote shell execution, application management
ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
Simplify is an Android virtual machine sandbox, bytecode execution tracer, and static analysis framework. It serves as a Dalvik bytecode deobfuscator designed to recover readable code from binaries by simulating program behavior without a physical device. The project distinguishes itself by using execution graph analysis to resolve reflection calls and simplify obfuscated code through constant propagation and dead code removal. It employs multi-path execution simulation to track all possible conditional branch outcomes and maps instruction flow to identify constant values. The system covers
An automatic obfuscation tool for Android apps that works in a black-box fashion, supports advanced obfuscation features and has a modular architecture easily extensible with new techniques
Decompiler from Java bytecode to Java, used in IntelliJ IDEA.
Frida is a dynamic binary instrumentation toolkit that provides a framework for deep process introspection and live application state manipulation. It enables the injection of custom scripts into running processes to trace function calls, modify memory, and analyze application behavior in real-time across diverse operating systems and processor architectures. The project distinguishes itself by embedding a high-performance JavaScript engine directly within the target process, allowing for the execution of user-defined logic for real-time inspection. It utilizes instruction-level hooking to re
Run arbitrary code by patching OAT files
Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications.
Apktool is an Android APK reverse engineering tool designed to decode application packages into human-readable form and rebuild them after modification. It functions as a Dalvik bytecode disassembler and a resource decoder, transforming binary Android XML and DEX files into editable text and Smali representation. The project serves as an application rebuilder, packing modified resources and Smali code back into a functional Android application package. This capability enables the modification of application logic and resources for testing and deployment. The tool covers a broad surface of an
Full featured multi arch/os debugger built on top of PyQt5 and frida
Bypass signature and permission checks for IPCs
Security profiling for blackbox Android
This project is a desktop application designed for the reverse engineering and inspection of compiled Java code. It functions as a graphical interface that translates Java bytecode back into readable source code, allowing users to examine the internal logic of class files and archives when original source files are unavailable. The tool provides a structured environment for navigating complex file hierarchies, including nested archives like JAR and WAR files. By maintaining an in-memory representation of loaded classes, it enables rapid searching and cross-referencing of code elements. The ap
Smali is a two-way binary translation toolset designed to convert Dalvik bytecode to human-readable assembly and back again. It provides a mechanism for the disassembly and assembly of executable files used in virtual machine environments. The project enables the modification of compiled Android application logic by transforming binary files into editable assembly and rebuilding them. It is used for reverse engineering, malware analysis, and the study of low-level instructions to identify program behavior or security flaws. The toolkit covers binary construction through smali code assembly a
Diaphora, the most advanced Free and Open Source program diffing tool.
This project is a Java bytecode reverse engineering suite that functions as a disassembler, decompiler, and editor for Java class files and Android APK binaries. It provides tools to transform compiled bytecode into assembly instructions or readable source code. The toolset supports Android APK analysis and Java binary patching, allowing for the modification of source code or bytecode and subsequent recompilation into functional binaries. It includes capabilities for removing Java obfuscation and performing malware analysis through the detection of malicious code patterns. The system incorpo
Malimite is an iOS and macOS decompiler designed to help researchers analyze and decode IPA files and Application Bundles.
ARMANDroid - anti-repackaging tool for Android apps
This project is a command-line forensic toolkit designed for the investigation and security auditing of mobile devices. It provides a framework for collecting system logs, application data, and forensic artifacts to identify potential security breaches, unauthorized access, or evidence of malicious activity. The utility employs a modular extraction architecture that parses diverse file formats and system logs into a standardized, normalized data structure. By utilizing this unified format, the tool performs both heuristic analysis of system metadata and pattern matching against structured thr