explaingit

calebfenton/simplify

4,641JavaAudience · researcherComplexity · 4/5Setup · hard

TLDR

A command-line Java tool for Android security researchers that deobfuscates APK files by executing them in a virtual machine and rewriting the code to reveal what the app actually does.

Mindmap

mindmap
  root((Simplify))
    What It Does
      Deobfuscates APKs
      Removes dead code
      Decrypts strings
      Strips reflection
    Components
      smalivm virtual machine
      Simplify optimizer
      Demo app
    Input
      Android APK files
      DEX files
    Use Cases
      Malware analysis
      Security research
      Reverse engineering
    Setup
      Java 8
      Gradle build
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Deobfuscate an Android APK to reveal encrypted strings, remove dead code, and expose methods hidden behind reflection

USE CASE 2

Analyze a suspicious Android app by running it in a controlled virtual environment that tracks execution without needing a real device

USE CASE 3

Build custom Android static analysis tools on top of the smalivm library to automate specific deobfuscation tasks

USE CASE 4

Automate deobfuscation of multiple APKs in a batch pipeline for mobile malware research

Tech stack

JavaGradleDalvik bytecode

Getting it running

Difficulty · hard Time to first run · 1h+

Requires Java 8 specifically, must clone with --recursive to get Android framework submodules, and building uses Gradle.

In plain English

Simplify is a command-line tool for Android security researchers and malware analysts who need to read obfuscated Android app code. Android apps sometimes disguise their behavior using obfuscation, techniques that scramble code to hide what it actually does. Simplify works by running the app in a virtual environment it controls, tracking what happens as the code executes, and then rewriting the code to be clearer without changing how it behaves. The tool is built in three connected parts. The first is a virtual machine called smalivm that can execute the low-level code format Android apps use (called Dalvik bytecode), even when some values like network responses or file contents are unknown at analysis time. The second is the main Simplify optimizer, which takes what smalivm learned and applies transformations: replacing encrypted strings with their decrypted versions, removing dead code that never runs, and stripping out reflection (a technique often used to hide which methods are being called). The third is a demo app showing how to build your own tools on top of smalivm. To use it, you run it as a command-line Java program and point it at an Android APK or DEX file. You can limit which parts of the app it processes using include and exclude filters, set time limits for tricky methods, and adjust recursion depth. The output is a modified DEX file with the obfuscation removed. It does not rename classes or methods, so structural names stay as-is. Building it requires Java 8 and uses the Gradle build system. The repository includes submodules for Android framework files, so cloning with the recursive flag is necessary to get everything set up. The project is aimed at people doing mobile security research, malware analysis, or reverse engineering of Android applications. It is not a consumer app and not something you install on a phone. The README notes that contributions are welcome and gives clear guidance on what to include when reporting issues.

Copy-paste prompts

Prompt 1
I have a suspicious Android APK I need to analyze. Show me the Simplify command to deobfuscate it, targeting only the main application package and setting a timeout for methods that take too long to execute
Prompt 2
How do I set up Simplify with Java 8 and Gradle, clone it with the required Android framework submodules using the recursive flag, and run it against a DEX file to remove string encryption?
Prompt 3
I want to build a custom analysis tool using smalivm from the Simplify project. Show me how to add smalivm as a Gradle dependency and write a small Java program that executes a specific method from an APK
Prompt 4
An Android app I'm reversing uses heavy reflection to hide method calls. How does Simplify detect and remove reflection, and what should the cleaned output DEX look like compared to the original?
Open on GitHub → Explain another repo

← calebfenton on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.