The definitive toolkit for Android reverse engineering and malware analysis.
T

The definitive toolkit for Android reverse engineering and malware analysis.

The definitive toolkit for Android reverse engineering and malware analysis.

2,425 stars
N/A forks
N/A contributors

README

Project documentation from GitHub

The Android Reverse Engineer's Toolkit

If you've ever needed to peek inside an Android APK, understand a suspicious app's behavior, or just learn how a particular mobile feature was implemented, you know the landscape of tools is vast and scattered. Finding the right utility for decompilation, dynamic analysis, or traffic inspection often means hopping between blog posts and old forum threads.

That's where this curated list comes in. It’s not a single tool, but a comprehensive, living catalog designed to be the starting point for anyone diving into Android reverse engineering or malware analysis. Think of it as your new bookmark for everything you need to safely take apart and examine Android applications.

What It Does

The Awesome Android Reverse Engineering repository is a meticulously organized collection of resources. It categorizes and links to tools for every stage of the analysis process. You'll find sections dedicated to disassemblers and decompilers (like JADX and Ghidra), tools for dynamic analysis and debugging (Frida, Objection), network traffic interceptors (Burp Suite, mitmproxy), and even utilities for working with obfuscated code or rooting devices. It also includes essential learning resources like books, blogs, and courses to build your foundational knowledge.

Why It's Cool

The real value here is in the curation and structure. Anyone can make a list of links, but this repo organizes the chaos. It separates tools by their specific purpose, making it easy to find exactly what you need for the task at hand—whether you're statically analyzing an APK's manifest or dynamically hooking a method at runtime. It saves you the hours of digging to rediscover that one perfect script or framework you saw six months ago.

For developers, it's not just for security researchers. This toolkit can be incredibly useful for learning best practices (or anti-patterns) from other apps, debugging complex issues in third-party libraries, or understanding how your own app might appear to a reverse engineer (and how to protect sensitive logic). It democratizes a skillset that often seems gatekept behind complex setups.

How to Try It

There's nothing to install. This is a knowledge base. To get started:

  1. Head over to the GitHub repository: Awesome Android Reverse Engineering
  2. Browse the well-organized README. Start with the Table of Contents to jump to your area of interest.
  3. Pick a tool from a relevant category (e.g., Disassemblers or Dynamic Analysis), follow its link, and set it up according to its own documentation.

The best approach is to pick a simple, non-critical APK and follow a workflow: use a disassembler from the list to view the code, then try a dynamic analysis to

Did you like this issue?

Join our weekly newsletter

Love discovering amazing projects?

Help us continue bringing you the best open-source discoveries every week.

Back to Projects
Last updated: Jan 4, 2026