A set of JEB Python/Java scripts for reverse engineering Android obfuscated code
-
HelloWorld.py
- Display message box.
-
ListingMethods.py
- Print all methods in dex.
-
InvokedMethods.py
- Get caret position and print invoked methods from it.
-
RenameObfuscatedClasses.py
- Rename obfuscated class names by using super class name.
-
AlertMarker.py
- Set(unset) alert marker to focused method.
-
getMethodSignatures.py
- Get method signatures from an APK and store them into a text file for parsing it later on. (Use the Java version)
-
getMethodsFromClass.py
- Get method from a class and print them out.
-
ASTRemoveDummySwitch.py
- Remove dummy switches
-
ObadDecrypt.py
- Decrypt Obad strings before performing unreflection
-
ObadUnreflect.py
- Replace reflection calls by direct method calls
- fixObfousClass.py
-
DeCluster.java
- Renaming obfuscated class/methods/fields names (@jcase)
-
DeClusterMod.java
- Renaming obfuscated class/methods/fields names with filter and string format added
-
DexGuardStringDecoder.java
- Decrypt DexGuard encrypted Strings (Anton Kosterin)
-
getMethodSignatures.java
- Get method signatures from an APK and store them into a text file for parsing it later on.
-
grepDeobfuscationRoutines.py
- Filter possible obfuscator routines from a method signatures list (First use getMethodSignatures.java)
Sample automation scripts for JEB(Android Interactive Decompiler).
Usage of JEB automation is here.
JEB API reference is here.