Android逆向必备网址和书籍

几本android安全基础书籍

Android Apps Security

http://www.itpub.net/forum.php?mod=viewthread&tid=1730861

Application Security for the Android Platform: Processes, Permissions, and Other Safeguards

http://www.itpub.net/forum.php?mod=viewthread&tid=1557863

Decompiling Android 一本介绍apk的入口书籍，对dex进入了很形象的剖析！

http://www.itpub.net/forum.php?mod=viewthread&tid=1709054

Android Security: Attacks & Defenses 新出的书籍，没有下载哦！

http://www.amazon.cn/Android-Security-Attacks-and-Defenses-Misra-Anmol/dp/1439896461

支持正版，大家多买实体书！

几个简单教程：

http://securitycompass.github.io/AndroidLabs/lab8.html。一些基础知识。

http://www.mcafee.com/us/resources/white-papers/foundstone/wp-pen-testing-android-apps.pdf。简单渗透。

https://viaforensics.com/category/mobile-security/ 。一个疯狂的网站，里面有大量的信息。

 

 

以下Jack_Jia编写，转载请注明出处。
文章链接：http://blog.csdn.net/jiazhijun/article/details/8815175

作者：Jack_Jia    邮箱： 309zhijun@163.com

 

以下是本人在日常的应用安全分析及Android病毒分析中收集的与Android逆向分析相关的工具网站，欢迎博友提供未收录的网址。
androidterm：
Android Terminal Emulator
http://code.google.com/p/androidterm/

droidbox：
Android Application Sandbox
https://code.google.com/p/droidbox/

TaintDroid：
Realtime Privacy Monitoring on Smartphones
https://github.com/TaintDroid
http://appanalysis.org/index.html

apktool：
A tool for reverse engineering Android apk files
http://code.google.com/p/android-apktool/

smali：
An assembler/disassembler for Android’s dex format
 https://code.google.com/p/smali/

AndBug：
a debugger targeting the Android platform’s Dalvik virtual machine intended for reverse engineers and developers
https://github.com/swdunlop/AndBug

apkinspector：
APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
https://code.google.com/p/apkinspector/

androguard：
Reverse engineering, Malware and goodware analysis of Android applications … and more (ninja !)
https://code.google.com/p/androguard/

jad：
Java Decompiler tool
 http://www.varaneckas.com/jad/

dex2jar：
Tools to work with android .dex and java .class files
http://code.google.com/p/dex2jar/

ded：
Decompiling Android Applications
http://siis.cse.psu.edu/ded/

ARE：
Virtual Machine for Android Reverse Engineering
https://redmine.honeynet.org/projects/are

STOWAWAY：
A static analysis tool and permission map for identifying permission use in Android applications
http://www.android-permissions.org/

COMDROID：
A static analysis tool for identifying application communication-based vulnerabilities.
http://www.comdroid.org/

dex-decomplier：
Dex decompiler
https://code.google.com/p/dex-decomplier/

amatutor：
Android恶意代码分析教程
 https://github.com/secmobi/amatutor

mobile sandbox：
Provide an Android application file (apk-file) and the Mobile-Sandbox-System will analyze the file for malicious behaviour.
http://mobilesandbox.org/

apkstatics：
a tool for APK static security check
https://code.google.com/p/apkstatics/

DexGuard：
DexGuard is specialized optimizer and obfuscator for Android
 http://www.saikoa.com/dexguard

android-stuff：
This is a repository for random scripts and files using for Android reversing
https://github.com/jlarimer/android-stuff

Dexter：
Dexter is a static android application analysis tool
http://code.google.com/p/android-market-api/

JEB：
The Interactive Android Decompiler.
 http://www.android-decompiler.com/

APK_OneClick：

decompile & disassemble APKs

 http://forum.xda-developers.com/showthread.php?t=873466

 

APK IDE：

小米人APK改之理（Apk IDE）是一款可视化的用于修改安卓Apk程序文件的工具

http://bbs.pediy.com/showthread.php?t=168001

 

ApkToolkit
是一款可视化的用于修改安卓Apk程序文件的工具
http://bbs.pediy.com/showthread.php?t=169975

 

smali-cfgs：

Smali Flow Graphs
https://code.google.com/p/smali-cfgs/

droidwall：
Android Firewall
https://code.google.com/p/droidwall/

connectbot：
Secure shell (SSH) client for the Android platform

https://code.google.com/p/connectbot/

 

金山火眼：

在线APK文件扫描及行为分析

https://fireeye.ijinshan.com/

 

Android安全监测网：
在线监测Android病毒检测
http://www.apk32.com/index.php

 

Virustotal：
VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
https://www.virustotal.com/en/

 

SandDroid
An APK Analysis Sandbox
http://sanddroid.xjtu.edu.cn/

 

AndroTotal：
AndroTotal is a free service to scan suspicious APKs against multiple mobile antivirus apps.
http://beta.andrototal.org/

持续更新中…….