explaingit

charles2gan/gda-android-reversing-tool

4,743 | Python | Audience · developer | Complexity · 4/5 | License | Setup · moderate

TLDR

GDA is a free Windows tool for opening and reading the source code of Android app files, used by security researchers to detect malware, vulnerabilities, and hidden behaviour.

Mindmap

mindmap
  root((repo))
    What it does
      Read Android app code
      Detect malware
      Trace data flow
    Supported Formats
      APK and DEX
      ODEX and OAT
      JAR AAR CLASS
    Features
      Decompile to Java
      Smali assembly view
      Vulnerability scanner
    Interfaces
      GUI drag and drop
      CLI flags
      Server mode API
    Scripting
      Python scripts
      Java scripts


Things people build with this

USE CASE 1

Decompile an Android APK back into readable Java code to audit what the app actually does before installing it.

USE CASE 2

Scan a suspicious Android app for known malware patterns or code-packing techniques without needing Java installed.

USE CASE 3

Automate batch analysis of multiple APK files using GDA's Python scripting support and CLI mode.

USE CASE 4

Extract an app's declared permissions and certificate details from the command line for a security compliance check.

Tech stack

C++, Python, Java, Smali, Windows

Getting it running

Difficulty · moderate Time to first run · 30min

Windows only. No Java required. Download the binary from the repo, drag an APK onto GDA's GUI, or run it via CLI flags.

Free to use but not open source: you cannot view or modify the source code.

In plain English

GDA (GJoy Dex Analyzer) is a tool for taking apart Android app files and examining what is inside them. It can open APK, DEX, ODEX, OAT, JAR, AAR, and CLASS files, the various formats that Android apps and libraries come in. The tool is written in C++ and runs on Windows without requiring Java to be installed, which separates it from most other Android decompilers that depend on a Java runtime.

The primary use case is reverse engineering: security researchers and developers can use GDA to read the source code of an Android app, even when that code has been compiled into a form that is not meant to be human-readable. The tool translates the compiled bytecode back into Java and Smali (a lower-level Android assembly language), lets you browse it, add comments, rename variables, and search across all methods and strings.

Beyond basic code reading, GDA includes automated analysis features. It can scan an app for known vulnerability patterns, detect behaviors that suggest malicious intent, identify whether an app uses code-packing to hide its contents, and trace how data flows through variables. There is also a memory dumping feature that can extract code from a running device. For users who want to automate analysis, GDA supports Python and Java scripting.

The tool has both a graphical interface and a command-line mode. In GUI mode, you drag a file onto GDA and browse the results interactively. In CLI mode, you pass flags to extract specific information like the app's package name, permissions, certificate details, or a full decompiled code dump. A server mode is also available, letting external scripts query GDA over a local network connection.

The README notes this is not an open-source project, though the tool is free to use. It runs on Windows only.

Copy-paste prompts

Prompt 1
I have an APK file from an unknown source and want to check if it contains malware or suspicious permissions. Walk me through how to analyse it with GDA.
Prompt 2
Using GDA's CLI mode, how do I extract the package name, permissions list, and certificate info from an APK file in a single command?
Prompt 3
I want to write a Python script that uses GDA in server mode to batch-scan a folder of APK files for vulnerability patterns. Show me how to set that up.
Prompt 4
Explain the difference between the Java decompiled view and the Smali view in GDA. When would I look at one versus the other?
Prompt 5
How do I use GDA's data-flow tracing feature to follow how a specific variable moves through an Android app's methods?

Verify against the repo before relying on details.