1.6 KiB
1.6 KiB
| description | applyTo |
|---|---|
| Android reverse engineering with jadx and Fernflower — decompile APK/JAR/AAR, extract Retrofit/OkHttp APIs, trace call flows | **/*.{apk,xapk,jar,aar} |
Android Reverse Engineering
Decompile Android packages using jadx (broad coverage) or Fernflower/Vineflower (higher quality Java).
Commands
# Check dependencies
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/check-deps.sh
# Install missing dependency
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh <dep>
# Decompile
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app.apk
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine both --deobf app.apk
# Find API calls
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --retrofit
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --urls
Workflow
- Verify dependencies →
check-deps.sh - Decompile →
decompile.sh(jadx, fernflower, or both) - Analyze AndroidManifest.xml and package structure
- Trace call flows from Activities → ViewModels → Repositories → API calls
- Extract and document APIs →
find-api-calls.sh
References
See plugins/android-reverse-engineering/skills/android-reverse-engineering/references/ for detailed guides.