Skip to content
sonyericssondev edited this page Apr 13, 2012 · 16 revisions

1

Welcome to the ApkAnalyser wiki!

ApkAnalyser is a static, virtual analysis tool for examining and validating the development work of your Android™ app. It's a complete tool chain which supports modification of the binary application with more printouts. You are then able to repack, install, run and verify the result from logcat. ApkAnalyser also supports resource analysis, and you can decode XML, look up resource references and detect potential issues in your app.

Features

Exploring code and xml

  1. Explore package/classes/methods/fields
  2. Look up package/classes/methods references
  3. Look up field read/write accesses
  4. Disassemble dalvik method's bytecode with highlighting syntax
  5. Decode Android XML files with highlighting syntax

Architecture and dependency

  1. Display UML package/class diagrams
  2. Highlight dependencies of packages/classes
  3. Paint method call graph
  4. Find a label in resources and strings in code

Injection and deodexing

  1. Modify APK file with some predefined Davik bytecode injections
  2. Uninstall/resign/install/launch APK file
  3. Logcat viewer with debug level filters
  4. Support odex applications and libraries

Resource Analyser

  1. List resource IDs and its contents
  2. Look up resource references in xml, code or by other resource IDs
  3. Find unused resources by resource ID or files
  4. Find system resource (@android) references
  5. Detect some resource potential issues

Installation

  • Download the ApkAnalyser jar file from downloads

  • Copy the jar file to your local disk and execute the following command in the command prompt to start ApkAnalyser: java -Xmx1024m -jar ApkAnalyser.jar

    ApkAnalyser will consume lots of memory for analyzing the dalvik bytecodes. it may run out of memory, so the max heap size is better to be explicitly incrased by "-Xmx1024m"

Configuration

Before the analyzing, you need to setup the following configurations:

File -> Set paths

1 Classpaths - where to look for packages and libraries, it can be retrieved from one of the following sources:

  • android.jar - the jar file in android sdk, e.g. C:\android-sdk-windows\platforms\android-8\android.jar. Here recommand to use the correct version as your device.

  • system libraries from build - in target build folder, e.g. /out/target/product/xxx/system/framework/framework.jar or /out/target/product/semcsdk/system/framework/framework.jar

  • system libraries on device - non-odex libraries on target device, e.g. /system/framework/framework.jar (should be no corresponding .odex file in that folder)

  • odex system libraries on device - odex libraries on target device, e.g. /system/framework/framework.odex

  • a folder - where contains java class files

2 Android SDK - alternatively, a platform folder in the Android SDK tab, for example C:\android-sdk-windows\platforms\android-15. ApkAnalyser will then import all the jar files in that folder.

3 APK file - the file to analyse, it can be retrieved from:

  • somewhere out of the phone...

  • /data/app/XXX.apk on device

  • /system/app/XXX.apk on device - if you want to modify it and install it back, you may have to uninstall the app manuall, see Trouble Shooting

File -> Settings

adb executable - the location of adb, for example C:\android-sdk-windows\tools\adb.exe

File -> Analyse

Start analysing the app.

You may refer to Tutorials to get some examples on how to use it.

Tutorials

3 tutorials about how to modify the apk file with more debugging printouts

Injections

Formats and examples of Dalvik bytecode injections

Trouble shooting

Trouble shooting

Use and improve ApkAnalyser

Since ApkAnalyser is open source, we would be really happy if you would work together with us to improve this tool. If you have any ideas, feel free to contact us, either through the comments of blog post, or by checking out the ApkAnalyser forum thread on XDA forum, or send an email directly to [email protected]

Clone this wiki locally