android-reverse-engineering-skill

android-reverse-engineering-skill

Claude Code skill for Android app reverse engineering and API extraction.

Agent SkillDevOpen source
Type
Agent Skill
Open source
Yes
GitHub Stars
★ 6.2k
Source
skill-github

Overview

This skill can decompile Android APK/XAPK/JAR/AAR files and extract HTTP APIs, including Retrofit endpoints, OkHttp calls, hardcoded URLs, and authentication patterns. It also supports modern Kotlin/KMP stacks such as Ktor, Apollo (GraphQL), and Koin. This capability helps developers document and reconstruct APIs without access to source code. Suitable for scenarios requiring Android app reverse engineering and API extraction.

Capabilities

  • Quickly identify frameworks and HTTP stacks
  • Decompile APK/XAPK/JAR/AAR files
  • Recover Kotlin class names
  • Extract APIs from Retrofit/OkHttp/Volley
  • Extract modern Kotlin stack APIs such as Ktor/Apollo/Koin
  • Trace flow from Activity to HTTP calls

Use cases

Reverse engineering Android appsExtracting and documenting APIsAnalyzing app structure and architecture patternsHandling R8/ProGuard obfuscation

Setup

Requires: Java JDK 17+jadx
Run in Claude Code: "/plugin marketplace add SimoneAvogadro/android-reverse-engineering-skill" "/plugin install android-reverse-engineering@android-reverse-engineering-skill"

This information was compiled by AI from public sources and may contain inaccuracies — please refer to the source.

FAQ

How do I install dependencies?

Check and install dependencies using the provided scripts: bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/check-deps.sh and bash plugins/android-reverse-engineering/skills/android-reverse-engineering/scripts/install-dep.sh <dependency>

What file formats are supported?

Supports APK, XAPK, JAR, and AAR file formats.

Related skills