Android Reverse engineering tools

There are two main types of programming on Android, one using the adroid SDK (software Development Kit) and Java development, one using the Android NDK (Native Development Kit) , because the Android kernel is based on Linux kernel, it is the most convenient way to use C + +, but it is relatively complex. This is about the way Java is developed.

Java virtual machines on adroid Dalvik virtual machines and classic Java operating modes are roughly the same, but Dalvik virtual machines are customized for adroid system optimizations.

Standard Java development process, compile-time with Java JDK (Java development Kit) compiles Java source files to a. class file that is a Java bytecode file (multiple. class files can be packaged as. jar files, just packaged), and A. Class byte code is running in a standard Java virtual machine.
The Java compilation process on adroid also needs to be compiled into a. class file, but also requires the DX tool in the Android SDK to convert the. class file to a. dex file (the Dex bytecode is executed in the Dalvik virtual machine), and then use the Android The packaging tool in the SDK aapt. dex files, resource files, manifest.xml packaged. apk files, and. apk files are the final programs that can be released.

There is a so-called native application native program in mobile platform development, which is relative to the Hyrid application in Web development, The previous two programming methods on Android can be counted as the native development of the native Application,ios platform on the Android platform using OBJECT-C development, but now the swift language is also used instead.
Because the mobile platform is becoming more and more complex, front-end/client Web development is becoming more and more complex, but a native container to provide a unified interface for each platform function is a trend, so there is hybrid application mode. Hyrid application in Web development refers to the client, using a browser on a client (Android or iOS), such as the UIWebView in IOS, the webview in Android, as a running carrier, Hyrid Application itself with HTML5, CSS, JavaScript written, can be Cordova packaged into a native program access to run the platform function, a set of code to run multiple mobile platforms, compared to each platform set native Application's development method greatly reduces the workload, but the disadvantage is poor performance, PhoneGap is a variant of Cordova is used by the JavaScript library ExtJS.
Https://en.wikipedia.org/wiki/Apache_Cordova#Design_and_rationale

Apache Cordova(formerlyPhoneGapis a mobile application development framework originally created by Nitobi. Adobe Systems purchased Nitobi in, rebranded it as PhoneGap, and later released an open source version of the Softwar E called Apache Cordova.^{[3] Apache Cordova enables software programmers to build applications for mobile devices using CSS3, HTML5, and JavaScript Instead of relying on platform-specific APIs like those in Android, IOS, or Windows Phone.[4] It enables wrapping up of CSS, HTML, and JavaScript code depending upon the platform of the device. It extends the features of HTML and JavaScript to work with the device. The resulting applications is hybrid, meaning that they is neither truly native mobile application (because all layout r Endering is do via Web views instead of the platform ' s native UI framework) nor purely web-based (because they was not J UST Web Apps, but is packaged as apps for distribution and has access to native device APIs). Mixing native and hybrid code snippets has been possible since version 1.9.
......
The core of Apache Cordova applications use CSS3 and HTML5 for their rendering and JavaScript for their logic. HTML5 provides access to underlying hardware such as the accelerometer, camera, and GPS. However, browsers ' support for html5-based device access was not consistent across mobile browsers, particularly older vers Ions of Android. To overcome these limitations, Apache Cordova embeds the HTML5 code inside a native WebView on the device, using a foreign function interface to access the native resources of it.[+]}

Apache Cordova can be extended with native plug-ins, allowing developers to add more functionalities so can be called fr Om JavaScript, making it communicate directly between the native layer and the HTML5 page. These plugins allow access to the device's accelerometer, camera, compass, file system, microphone, and more.

However, the use of web-based technologies leads some Apache Cordova applications to run slower than native applications W ith similar functionality. ^{[+] Adobe Systems warns that applications is rejected by Apple for being too slow or not feeling "native" enough (Has appearance and functionality consistent with "what the users had come to expect on the platform). This can is a issue for some Apache Cordova applications.} [[]

The native functionality of the react front-end library is similar to Cordova and provides a functional buffer layer between the running platform and the app app.
https://facebook.github.io/react-native/

1. Apktool
Decompile app files on Android apk to Smali code. Apktool the. apk file will have a Smali directory and a file that ends in the directory. Smali.
Apktool GUID of Installation:
https://ibotpeaches.github.io/Apktool/install/

Smali and Dex are easy to confuse because the Dalvik virtual machine is running Dex byte code, From the process of loading the. apk file into the Dalvik virtual machine to run again, there is no Smali where the code exists, and. smali files and. dex files can be converted to each other, because. Dex bytecode is not easy to read, and the code that is converted to Smali syntax is much easier to read and easier to modify, modify After the. Smali can be converted to. Dex bytecode, re-packaged and re-signed with the AAPT tool, Then a modified. apk file is completed, but only if there is a signature key for the original. apk file, but for some vendors, the signature key for their. apk file can be bought ...
Https://www.quora.com/What-is-smali-in-Android

Smali/baksmali is a assembler/disassembler for the DEX format used by Dalvik, Android ' s Java VM implementation. The names "Smali" and "Baksmali" are the Icelandic Icelandic equivalents of "assembler" and "Disassembler" respectively.

Https://stackoverflow.com/questions/30837450/what-is-smali-code-android

When you create an application code, the APK file contains a. dex file, which contains binary Dalvik bytecode. This is the format of the platform actually understands. However, it's not easy-to-read or modify binary code, so there is tools out there to convert to and from a human readable Representation. The most common human readable format is known as Smali.

But the platform doesn ' t know anything about Smali, it's just a tool-to-make it easier-work with the bytecode.

2. Signapk.jar
Signapk.jar is the Android SDK comes with a tool that uses Android's own Signapk.jar +. X509.pem +. Pk8 signing application. This is more than a year ago wrote the summary, now can't find the directory, dizzy, have to re-find.

3. Dex2jar
You can decompile the. dex file into a. jar file, and then the. jar file can be viewed with Jd-jui, and the Jd-jui itself can view the. jar files compiled by standard Java.
Https://github.com/pxb1988/dex2jar

4. Jd-jui
Jd-jui itself can view the. jar files compiled by standard Java.
http://jd.benow.ca/

5. apkpure.com
Is it annoying? The app download and install on Android has to go through the App Store, Then try to find the download on the apkpure.com, I personally verified that apkpure.com can download the apk file, the APK is verified, has not been replaced, because I use the APK author or the vendor's public signature key to the apkpure.com downloaded APK checksum is correct.
However, the disadvantage is that the program automatically upgrade to go through the App Store, apkpure.com downloaded apk installed after the upgrade may be manual.

Android Reverse engineering tools