Androguard – Reverse Engineering & Malware Analysis For Android

Outsmart Malicious Hackers

Androguard is a toolkit built in Python which provides reverse engineering and malware analysis for Android.

Androguard - Reverse Engineering & Malware Analysis For Android

It’s buyilt to examine * Dex/Odex (Dalvik virtual machine) (.dex) (disassemble, decompilation), * APK (Android application) (.apk), * Android’s binary xml (.xml) and * Android Resources (.arsc).

Androguard is available for Linux/OSX/Windows (Python powered).


  • Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects
  • Diassemble/Decompilation/Modification of DEX/ODEX/APK format
  • Decompilation with the first native (directly from dalvik bytecodes to java source codes) dalvik decompiler (DAD)
  • Access to the static analysis of the code (basic blocks, instructions, permissions)
  • Analysis a bunch of android apps
  • Analysis with ipython/Sublime Text Editor
  • Diffing of android applications
  • Measure the efficiency of obfuscators (proguard, …)
  • Determine if your application has been pirated (plagiarism/similarities/rip-off indicator)
  • Check if an android application is present in a database (malwares, goodwares ?)
  • Open source database of android malware
  • Detection of ad/open source librairies (WIP)
  • Risk indicator of malicious application
  • Reverse engineering of applications (goodwares, malwares)
  • Transform Android’s binary xml (like AndroidManifest.xml) into classic xml
  • Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output
  • Integration with external decompilers (JAD+dex2jar/DED/fernflower/jd-gui…)


Androguard has many different components, but the most commonly used one would be Androlyze:

You can download Androguard here:

Or read more here.

Posted in: Forensics, Malware

, , , , , , , ,

Recent in Forensics:
- Androguard – Reverse Engineering & Malware Analysis For Android
- Volatility Framework – Advanced Memory Forensics Framework
- CuckooDroid – Automated Android Malware Analysis

Related Posts:

Most Read in Forensics:
- NetworkMiner – Passive Sniffer & Packet Analysis Tool for Windows - 66,794 views
- raw2vmdk – Mount Raw Hard Disk (dd) Images As VMDK Virtual Disks - 35,539 views
- OpenDLP – Free & Open-Source Data Loss Prevention (DLP) Tool - 34,262 views

Comments are closed.