Search the Community

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb, and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the conversion of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Changelog v4.0 Fix the bug that all nodes were deleted when searching the class tree Fix the bug that inheritance methods or members cannot cross-reference #91 Fix the problem that the parameters/return-value are not displayed during data flow analysis #91 Fix the problem about the python plug-in #92 The constant propagation algorithm is optimized to correct the error of code output #90 Optimize the expression output and correct several errors of code output #90 The variable declaration and expression are further optimized Fix some crash bugs. Add translation utility for strings (with Google and Youdao). [hide][Hidden Content]]

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb, and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Changelog v3.97 A lot of novel optimizations and some updates have been added, and A lot of bugs have been fixed. In particular, the loading and analysis speed has been increased 3+ times faster than the old one. Double-clicking an interface method in an interface class, all implementations of the interface method will be displayed The memory limit is broken through and some problems caused by it is fixed Resource parsing and decompilation of resource classes are added The associated function of the permission module is disabled by default and can be enabled through the menu > View > PermissionRef The loading and parsing algorithms of classes, methods in the file are greatly optimized. DX tool is integrated into GDA. Optimizing the color configuration manager. Optimizing the Deobfuscation(much faster than the old) and fixing several bugs Loading analysis timeout prompt is added. The conversion of 64-bit integer data among with hexadecimal, hexadecimal, octal, character is added, and fix the problem that negative numbers cannot be converted correctly. The traversal algorithms of AllStrings and AppStringsare optimized to greatly improve the parsing speed. Add native methods and interfaces traversal function(pro). Optimize the display of callgraph of classes and methods. Resource file sensitive information detection is added to SensitiveInfo(pro). Optimize the search speed of string cross-reference. [hide][Hidden Content]]

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb, and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Changelog v3.96 Fix the memory call problem for Frida. Fix missing parentheses in multi-conditional expressions. #60 Fix the problem of inconsistent variable names caused by parent and child classes in different basic blocks. Add the saving of the js code for Frida when the device is not connected. The control flow analysis algorithm is further optimized. Implement the automatic propagation function of the overloaded method name renaming for the subclass of any class/interface. #65 [hide][Hidden Content]]

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb, and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Changelog v3.95 Fixed syntax error when executing a method [hide][Hidden Content]]

Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Interactive operation: 1.cross-references for strings, classes, methods and fields; 2.searching for strings, classes methods and fields; 3.comments for java code; 4.rename for methods,fields and classes; 5.save the analysis results in gda db file. … Utilities for Assisted Analysis: 1.extracting DEX from ODEX; 2.extracting DEX from OAT; 3.XML Decoder; 4.algorithm tool; 5.device memory dump; … New features: 1.Brand new dalvik decompiler in c++ with friendly GUI; 2.Support python script 3.packers Recognition; 4.Multi-DEX supporting; 5.making and loading signature of the method 6.Malicious Behavior Scanning by API chains; 7.taint analysis to preview the behavior of variables; 8.taint analysis to trace the path of variables; 9.de-obfuscate; 10.API view with x-ref; 11.Association of permissions with modules; Changelog v3.79 Fixed some problems. Decompile support for .jar files, class .files and .aar files. A rule-based static vulnerability scanner is added. Add the APK file forensics analysis tool. Fixed a bug in variable renaming. Dump tool adds custom dump. Further, optimize intelligent renaming. [hide][Hidden Content]]

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… New features: 1.Brand new dalvik decompiler in c++ with friendly GUI; 2.Support python script 3.packers Recognition; 4.Multi-DEX supporting; 5.making and loading signature of the method 6.Malicious Behavior Scanning by API chains; 7.taint analysis to preview the behavior of variables; 8.taint analysis to trace the path of variables; 9.de-obfuscate; 10.API view with x-ref; 11.Association of permissions with modules; Changelog v3.78 A lot of bugs fixed, GDAE Professional Edition was released. Provide the option of method Merge mode and separation mode. Fix the problem that the memory module cannot be dump in 64-bit system. Implement the vulnerability detection based on rule expression. Fix the aspect ratio of the window . Change and optimize color management to support various topics. Optimize the GUI, adjust the internal layout of some windows, and repair some GUI problems, making the operation more comfortable. Add the search function (Ctrl + F) to the dump device. Merge the multi Dex in the tree box. The default combination mode on the class display can be switched to separate mode by right-clicking. Add line number, module tag, and jump tag (under SmalI). Right-click to switch. Strengthen the structured algorithm to make the code more readable. De-duplicate the results of malscan. Adapt to the widescreen. Add basic information to view. [Hidden Content]

GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java is a decompiler based on the Smali code. They have their own shortcomings, such as the Java decompiler depends on the convert of dex2jar. For complex, obfuscated or packed apks, there is a problem of translation failure. smali2java decompiles Smali code which should be translated from DEX with apktool, so it increases the difficulty and error rate, and decreases the speed of manual analysis. In addition, their interaction is poor, which increases the difficulty of manual analysis. Although the commercial Jeb has better interactivity, it is easy to death when analyzing a large-sized APP with the Multidex, and it is very expensive for me… Here, a new decompiler based on Dalvik bytecode, GDA（this project started in 2013 and released its first version 1.0 in 2015 at www.gda.com: 9090) , is proposed and implemented in C++ language to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent. It supports APK, DEX, ODEX, oat files, and run without installation and Java VM support. GDA only takes up 2M of your disk space, and you can use it in any newly installed windows system and virtual machine system. In addition, GDA has more features as follows: Changelog v3.73 fix some crash and bug. change the main page. move Permissions to “DexFile->AccessPermission(click to view permissions)” [HIDE][Hidden Content]]