RomanNum3ral
/
android-reverse-engineering-skill
mirror of https://github.com/SimoneAvogadro/android-reverse-engineering-skill.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
android-reverse-engineering.../.github/instructions/android-re.instructions.md

40 lines
1.6 KiB
Markdown
Raw Blame History

---
description: 'Android reverse engineering with jadx and Fernflower — decompile APK/JAR/AAR, extract Retrofit/OkHttp APIs, trace call flows'
applyTo: '**/*.{apk,xapk,jar,aar}'
---
# Android Reverse Engineering
Decompile Android packages using jadx (broad coverage) or Fernflower/Vineflower (higher quality Java).
## Commands
```bash
# Check dependencies
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/check-deps.sh
# Install missing dependency
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh <dep>
# Decompile
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh app.apk
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/decompile.sh --engine both --deobf app.apk
# Find API calls
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --retrofit
bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/find-api-calls.sh output/sources/ --urls
```
## Workflow
1. Verify dependencies → `check-deps.sh`
2. Decompile → `decompile.sh` (jadx, fernflower, or both)
3. Analyze AndroidManifest.xml and package structure
4. Trace call flows from Activities → ViewModels → Repositories → API calls
5. Extract and document APIs → `find-api-calls.sh`
## References
See `plugins/android-reverse-engineering/skills/android-reverse-engineering/references/` for detailed guides.
Reference in New Issue View Git Blame Copy Permalink