16 个仓库
Desktop applications for browsing and inspecting the internal structure of compiled Java classes and JAR files.
Distinguishing note: No existing candidate captures the specific identity of a Java bytecode viewer tool.
Explore 16 awesome GitHub repositories matching development tools & productivity · Java Bytecode Viewers. Refine with filters or upvote what's useful.
This project is a Java bytecode reverse engineering suite that functions as a disassembler, decompiler, and editor for Java class files and Android APK binaries. It provides tools to transform compiled bytecode into assembly instructions or readable source code. The toolset supports Android APK analysis and Java binary patching, allowing for the modification of source code or bytecode and subsequent recompilation into functional binaries. It includes capabilities for removing Java obfuscation and performing malware analysis through the detection of malicious code patterns. The system incorpo
Converts compiled Java classes into assembly instructions for detailed low-level code analysis.
This project is a desktop application designed for the reverse engineering and inspection of compiled Java code. It functions as a graphical interface that translates Java bytecode back into readable source code, allowing users to examine the internal logic of class files and archives when original source files are unavailable. The tool provides a structured environment for navigating complex file hierarchies, including nested archives like JAR and WAR files. By maintaining an in-memory representation of loaded classes, it enables rapid searching and cross-referencing of code elements. The ap
Provides a desktop application for browsing and inspecting the internal structure of compiled Java classes and JAR files.
dex2jar is an Android dex decompiler and reverse engineering tool designed to convert Dalvik executable bytecode into Java class files. It functions as a bytecode converter that transforms compiled Android binaries into a format compatible with standard Java analysis tools. The project facilitates Android app decompilation and Java bytecode recovery by translating executable files into readable structures. This allows for the analysis of application logic and the identification of security vulnerabilities or malicious behavior during Android malware analysis. The tool performs static bytecod
Transforms compiled bytecode between different formats to facilitate source code recovery.
Android Classyshark is a binary analysis toolset designed to extract structural data from Android executable files. It functions as a bytecode viewer and binary XML parser to analyze compiled Java and Android binaries. The project converts binary XML files into readable formats for the inspection of application manifests, layouts, and resource files. It also provides the ability to analyze class interfaces, members, and dependency counts without requiring access to the original source code. The toolset supports static analysis and the export of binary information into plain text formats for
Provides a tool for inspecting Java and Android binaries to analyze class interfaces and dependency counts.
A bytecode optimizer for Android apps
Reads and transforms .dex files through a structured framework for custom optimization passes.
BlackDex is an Android runtime-level DEX extraction tool that recovers bytecode from protected APK files across Android versions 5 through 12 without requiring root access. It operates by hooking system APIs, reading DexFile cookies, and repairing obfuscated method bodies from memory, supporting both 32-bit and 64-bit architectures for installed and uninstalled applications. The tool distinguishes itself through a multi-method approach that combines cookie-based dumping, API hooking, and memory-based instruction repair to handle first through third generation packers. It reconstructs method b
Recovers DEX files from obfuscated or packed Android applications by bypassing protection layers.
This project is a collection of malware analysis reports and decompiled code focused on a backdoor embedded within an Android application. It serves as a study of Android APK malware, documenting the specific code patterns used for unauthorized data access and system security bypasses. The research focuses on dynamic bytecode loading and the execution of remote files to implement persistence. It specifically analyzes mechanisms for downloading and running remote Dalvik Executable files to change application behavior without updating the installed package. The analysis covers several security
Investigates the mechanism of downloading and executing remote Dalvik Executable files for persistence.
gradle-retrolambda 是一个 Gradle 插件和字节码转换器,旨在让旧版 Java 和 Android 运行时环境能够使用现代 Java Lambda 表达式。它作为一个回溯移植(backporting)工具,确保现代函数式编程语法与旧版虚拟机保持兼容。 该项目通过转换已编译的类文件,使其兼容 Java 6 和 7 环境。这使得在必须保持与旧版 API 级别和旧款 Android 设备兼容的项目中,也能使用现代 Java 特性。 该工具集成在 Gradle 构建自动化流程中,通过编译后转换来修改二进制输出。它利用字节码层面的脱糖(desugaring)技术,将 Lambda 表达式转换为匿名内部类,并生成兼容的运行时桥接代码。
Gradle plugin that converts Java lambda expressions into bytecode compatible with Java 6 and 7 environments.
Hooker 是一个用于 Android 应用程序动态插桩、内存分析和去混淆的工具包。它作为一个逆向工程框架,使用 Frida 将脚本注入正在运行的进程中,监控原生调用并提取可执行的 DEX 文件。 该项目提供了用于绕过安全控制的专用工具,包括禁用 SSL 证书验证和 BoringSSL 固定以实现 HTTPS 流量拦截。它包括检测应用程序加固、通过 Hook 加密算法提取加密密钥以及规避 Root 或调试环境检查的功能。 该框架涵盖了广泛的分析功能,包括用于检测活动组件的内存扫描、用于网络流量路由的 SOCKS5 代理配置以及 UI 交互分析。它还支持收集设备指纹和调试嵌入式 WebView。
Frida dumps memory to retrieve executable files from protected or packed Android applications.
cglib 是一套用于 JVM 字节码生成、类转换和动态代理的工具。它提供了一个高级 API,用于在运行时创建和转换 Java 字节码以修改类行为,并提供了一个用于拦截方法调用和字段访问的框架。 该项目实现了动态代理生成以支持面向切面编程 (AOP) 和自定义数据访问模式。它还包括一个序列化管理器,通过添加特定方法和控制代理类中的对象替换来实现序列化契约。 该库涵盖了字节码操作和运行时代码转换,以便在类加载前更改类结构。它还包括性能优化技术,通过方法过滤和轻量级回调来减少代理开销。
Modifies the structure and instructions of compiled bytecode to change behavior before classes load.
This project is an Android Gradle build plugin designed to automate the creation of multiple channel-specific application packages from a single build process. It functions as an APK variant generator that injects unique distribution identifiers into application packages to track installation sources across different app stores. The tool manages the entire distribution lifecycle, from defining target channels via external configuration to generating the corresponding package variants. It uses template-based artifact naming with dynamic placeholders to organize output files and includes a syst
Modifies compiled application files after the build to embed metadata without requiring a full recompilation.
本项目是一个全面的 Android 逆向工程套件,具有反编译器、字节码去混淆器和恶意软件分析工具的功能。它旨在将 APK、DEX 和 OAT 二进制文件转换为人类可读的源代码,并使用无需 Java 虚拟机 (JVM) 的原生实现。 该平台通过与 Frida 集成进行动态分析而脱颖而出,允许用户实时挂钩方法、注入自定义 JavaScript 并转储设备内存。它还具有专门的安全引擎,包括污点传播引擎和栈状态机,以检测隐私泄露、恶意行为和安全漏洞。 该套件涵盖了广泛的分析功能,包括二进制补丁和重打包、交叉引用依赖映射和数据流分析。它提供了用于软件加壳识别、加密字符串解码以及跨应用程序资源进行全局元数据搜索的工具。 该工具提供命令行界面,并支持通过自定义 Python 或 Java 脚本进行分析自动化。
Recovers DEX files from protected or packed Android applications by bypassing protection layers.
frida-dexdump is an Android memory forensics tool that recovers Dalvik Executable (DEX) files from running application processes using the Frida dynamic instrumentation framework. It functions as a Frida-based runtime analyzer and DEX memory dumper, capable of extracting obfuscated or packed DEX files without modifying the Android system. The tool distinguishes itself through its ability to repair corrupted or missing DEX file headers using heuristic analysis and fuzzy matching techniques. It employs fuzzy boundary detection to identify DEX file boundaries in memory even when headers are dama
Extracting Dalvik Executable files from active app processes without modifying the Android system.
This repository is a collection of technical knowledge and solutions focused on mobile application development, particularly for Android and iOS platforms. It covers a wide range of practical engineering challenges, including hotfix and patching techniques, database management and repair, network communication, logging, and video processing. The content is presented as shared knowledge, documenting real-world problems and their implementations. The project provides detailed guidance on applying hotfixes to running Android applications through multiple methods, such as class replacement, full
Generates patches from DEX file differences and reconstructs full DEX at runtime for Android hotfixes.
pyinstxtractor is a PyInstaller executable unpacker and Python bytecode recovery tool. It functions as a helper for decompiling compiled Python binaries by extracting bundled binaries and bytecode from executables created with PyInstaller. The project includes a bytecode decryptor to remove encryption from extracted files and a header repair tool that restores corrupted headers. These capabilities ensure that extracted compiled files are compatible with bytecode decompilation software. The utility covers reverse engineering of Python applications, supporting malware analysis workflows throug
Restores original bytecode structures, including headers and decrypted content, from compiled binaries.
TeaVM is a Java bytecode transpiler and browser-based JVM runtime that converts compiled Java class files into JavaScript or WebAssembly. It functions as a compiler and build pipeline tool that enables applications written in various JVM languages to execute natively within a web browser. The project distinguishes itself by transforming bytecode directly into optimized web formats without requiring the original source code. It includes a WebAssembly bytecode compiler for high-performance execution and a specialized emulation system to handle asynchronous multithreading within the single-threa
Converts JVM bytecode into JavaScript or WebAssembly for execution in a web browser.