GDA Android Reversing Tool

Here, a new Dalvik bytecode decompiler, GDA(this project started in 2013 and released its first version 1.0 in 2015 at www.gda.wiki:9090) , is proposed and implemented in C++ to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent and very stable. It supports APK, DEX, ODEX, oat files, and run without installation and Java VM support.

GDA only takes up 2M of your disk space, and you can use it in any newly installed windows system and virtual machine system without additional configuration. In addition, GDA has more excellent features as follows:

  • Interactive operation:
    • cross-references for strings, classes, methods and fields;
    • searching for strings, classes methods and fields;
    • comments for java code;
    • rename for methods,fields and classes;
    • save the analysis results in gda db file.
  • Utilities for Assisted Analysis:
    • extracting DEX from ODEX;
    • extracting DEX from OAT;
    • XML Decoder;
    • algorithm tool;
    • device memory dump;
  • New features:
    • Brand new dalvik decompiler in c++ with friendly GUI;
    • Support python script
    • packers Recognition;
    • Multi-DEX supporting;
    • making and loading signature of the method
    • Malicious Behavior Scanning by API chains;
    • taint analysis to preview the behavior of variables;
    • taint analysis to trace the path of variables;
    • de-obfuscate;
    • API view with x-ref;
    • Association of permissions with modules;

Also Read – Application Inspector : A Source Code Analyzer Built For Surfacing Features Of Interest

shortcutdescription
F5Switch java to smali, pressing it again for back to java
FTrace the args and return value by dataflow analysis
XCross-referencing, locating callers (of strings, classes, methods, field, Smali, Java)
Esc/<-/BackspaceBack to the last visit
->Forward to the next visit
GJump to somewhere by you inputting offset
NRename the variable/method/class name
SSearch for all the elements by the given string
CComments. Only supports the Java code
DoubleClickThe cursor’s placed at the method/str/field/class, and double-click to access objects
Mthe cursor’s placed at the Smali line and pressing the key ‘M’ to edit the instruction
UPPress ‘up’ key to access the up-method in the tree control
DownPress “down” key to access the down-method in the tree control
DDump the binary data of methods, only supports the Smali window
EnterThe modification of edit boxes take effect
HShow data in Hex
Ctr+HPop searching history window
Ctr+ASelect all
Ctr+CCopy
Ctr+VPaste, only for editable boxes
Ctr+XCut
Ctr+FFind out the string of the current window
Ctr+SSave the modifications into the GDA database file

Shows

File loading and decompiling:

MalScan, API search, x-ref…

Url,Xml,string x-ref…

variable trace

R K

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

1 day ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

1 day ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

1 day ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

1 day ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

1 day ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

1 day ago