非kali官方源中的那些优秀软件们 --- java反编译反汇编器引擎汇总(长期更新)
JAVA反编译引擎介绍
JAD http://www.kpdus.com/jad.html
元老级java反编译引擎。已过时不建议使用。
用C++开发,支持平台众多,缺点是不开源且不支持新java特性.不建议使用。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | E:\jad158g.win>jad.exeJad v1.5.8g. Copyright 2001 Pavel Kouznetsov (jad@kpdus.com).Usage: jad [option(s)] <filename(s)>Options: -a - generate JVM instructions as comments (annotate) -af - output fully qualified names when annotating -b - generate redundant braces (braces) -clear - clear all prefixes, including the default ones -d <dir> - directory for output files -dead - try to decompile dead parts of code (if there are any) -dis - disassembler only (disassembler) -f - generate fully qualified names (fullnames) -ff - output fields before methods (fieldsfirst) -i - print default initializers for fields (definits) -l<num> - split strings into pieces of max <num> chars (splitstr) -lnc - output original line numbers as comments (lnc) -lradix<num>- display long integers using the specified radix -nl - split strings on newline characters (splitstr) -noconv - don't convert Java identifiers into valid ones (noconv) -nocast - don't generate auxiliary casts -noclass - don't convert .class operators -nocode - don't generate the source code for methods -noctor - suppress the empty constructors -nodos - turn off check for class files written in DOS mode -nofd - don't disambiguate fields with the same names (nofldis) -noinner - turn off the support of inner classes -nolvt - ignore Local Variable Table entries (nolvt) -nonlb - don't insert a newline before opening brace (nonlb) -o - overwrite output files without confirmation -p - send all output to STDOUT (for piping) -pa <pfx>- prefix for all packages in generated source files -pc <pfx>- prefix for classes with numerical names (default: _cls) -pe <pfx>- prefix for unused exception names (default: _ex) -pf <pfx>- prefix for fields with numerical names (default: _fld) -pi<num> - pack imports into one line using .* (packimports) -pl <pfx>- prefix for locals with numerical names (default: _lcl) -pm <pfx>- prefix for methods with numerical names (default: _mth) -pp <pfx>- prefix for method parms with numerical names (default:_prm) -pv<num> - pack fields with the same types into one line (packfields) -r - restore package directory structure -radix<num>- display integers using the specified radix (8, 10, or 16) -s <ext> - output file extension (default: .jad) -safe - generate additional casts to disambiguate methods/fields -space - output space between keyword (if, while, etc) and expression -stat - show the total number of processed classes/methods/fields -t<num> - use <num> spaces for indentation (default: 4) -t - use tabs instead of spaces for indentation -v - show method names while decompiling -8 - convert Unicode strings into ANSI strings (ansi) -& - redirect STDERR to STDOUT |
uuDeJava https://uuware.com/st_l.en/st_p2.uw_dejava.html?st_m=24-6
jad的第三方图形化界面。已过时不建议使用。
DJ Java Decompiler http://www.neshkov.com/
jad的第三方图形化界面。已过时不建议使用。
Procyon https://bitbucket.org/mstrobel/procyon/src/master/一停摆 https://github.com/mstrobel/procyon
最接近源码的java反编译引擎
原来的bitbucket中的存储库里有jar,不知道为什么在新存储库中不提供可执行bin文件了只有源码,似乎要自己手动构建。https://web.archive.org/web/20190614092620/https://bitbucket.org/mstrobel/procyon/downloads/ 这里历史记录还可以下载到jar。能下载到的版本是0.5.34。
用法:
E:\>java -jar procyon-decompiler-0.5.34.jar -jar E:\88dca183e1bd41b889931f1cfe403205-dex2jar.jar -o E:\22
帮助:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 | E:\>java -jar procyon-decompiler-0.5.34.jarUsage: <main class> [options] <type names or class/jar files> Options: -b, --bytecode-ast Output Bytecode AST instead of Java. Default: false -ci, --collapse-imports Collapse multiple imports from the same package into a single wildcard import. Default: false -cp, --constant-pool Includes the constant pool when displaying raw bytecode (unnecessary with -v). Default: false -dl, --debug-line-numbers For debugging, show Java line numbers as inline comments (implies -ln; requires -o). Default: false --disable-foreach Disable 'for each' loop transforms. Default: false -eml, --eager-method-loading Enable eager loading of method bodies (may speed up decompilation of larger archives). Default: false -ent, --exclude-nested Exclude nested types when decompiling their enclosing types. Default: false -ei, --explicit-imports [DEPRECATED] Explicit imports are now enabled by default. This option will be removed in a future release. Default: false -eta, --explicit-type-arguments Always print type arguments to generic methods. Default: false -fsb, --flatten-switch-blocks Drop the braces statements around switch sections when possible. Default: false -fq, --force-qualified-references Force fully qualified type and member references in Java output. Default: false -?, --help Display this usage information and exit. Default: false -jar, --jar-file [DEPRECATED] Decompile all classes in the specified jar file (disables -ent and -s). -lc, --light Use a color scheme designed for consoles with light background colors. Default: false -lv, --local-variables Includes the local variable tables when displaying raw bytecode (unnecessary with -v). Default: false -ll, --log-level Set the level of log verbosity (0-3). Level 0 disables logging. Default: 0 -mv, --merge-variables Attempt to merge as many variables as possible. This may lead to fewer declarations, but at the expense of inlining and useful naming. This feature is experimental and may be removed or become the standard behavior in future releases. Default: false -o, --output-directory Write decompiled results to specified directory instead of the console. -r, --raw-bytecode Output Raw Bytecode instead of Java (to control the level of detail, see: -cp, -lv, -ta, -v). Default: false -ec, --retain-explicit-casts Do not remove redundant explicit casts. Default: false -ps, --retain-pointless-switches Do not lift the contents of switches having only a default label. Default: false -ss, --show-synthetic Show synthetic (compiler-generated) members. Default: false -sm, --simplify-member-references Simplify type-qualified member references in Java output [EXPERIMENTAL]. Default: false -sl, --stretch-lines Stretch Java lines to match original line numbers (only in combination with -o) [EXPERIMENTAL]. Default: false -ta, --type-attributes Includes type attributes when displaying raw bytecode (unnecessary with -v). Default: false --unicode Enable Unicode output (printable non-ASCII characters will not be escaped). Default: false -u, --unoptimized Show unoptimized code (only in combination with -b). Default: false -v, --verbose Includes more detailed output depending on the output language (currently only supported for raw bytecode). Default: false --version Display the decompiler version and exit. Default: false -ln, --with-line-numbers Include line numbers in raw bytecode mode; supports Java mode with -o only. Default: falseE:\> |
d4j http://www.secureteam.net/d4j
Procyon第三方图形化界面
Fernflower https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine
Fernflower似乎是为intellij的IDE开发的一款开源反编译插件,但是没有找到官方下载链接,似乎要自己手动构建,构建方法 https://www.youtube.com/watch?v=YiaglbXbTbQ
CFR 官网:https://github.com/leibnitz27/cfr https://www.benf.org/other/cfr/
最具现代化的java反编译引擎
支持很多java新特性。用java6开发编写的开源软件,唯一缺点没有任何说明文档。支持win、linux、osx平台,输入可以是jar,class文件,也可以是在classpath里的类名
java -jar cfr_0_110.jar D:\example.jar –outputdir D:\data\example
--help查看帮助 --help pullcodecase 查看命令详细帮助1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 | kali@kali:~$ java -jar cfr.jar --helpPicked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=trueCFR 0.149java -jar CFRJAR.jar class_or_jar_file [method] [options] --aexagg (boolean) 尝试更积极地扩展和合并异常 --aggressivesizethreshold (int >= 0) default: 15000 触发大幅减少的操作码数量 --allowcorrecting (boolean) default: true 允许纠正错误的转换,但可能要以改变发出的代码行为为代价。 一个例子是删除不可能的(在java中!)异常处理--如果这有任何影响,将发出警告。 --analyseas (One of [DETECT, JAR, WAR, CLASS]) 强制文件作为“jar”或“class”进行分析 --arrayiter (boolean) default: true if class file from version 49.0 (Java 5) or greater --caseinsensitivefs (boolean) default: false --clobber (boolean) --collectioniter (boolean) default: true if class file from version 49.0 (Java 5) or greater --commentmonitors (boolean) default: false --comments (boolean) default: true --decodeenumswitch (boolean) default: true if class file from version 49.0 (Java 5) or greater --decodefinally (boolean) default: true --decodelambdas (boolean) default: true if class file from version 52.0 (Java 8) or greater --decodestringswitch (boolean) default: true if class file from version 51.0 (Java 7) or greater --dumpclasspath (boolean) default: false --eclipse (boolean) default: true --elidescala (boolean) default: false --extraclasspath (string) --forcecondpropagate (boolean) --forceexceptionprune (boolean) --forcereturningifs (boolean) --forcetopsort (boolean) --forcetopsortaggress (boolean) --forloopaggcapture (boolean) --hidebridgemethods (boolean) default: true --hidelangimports (boolean) default: true --hidelongstrings (boolean) default: false --hideutf (boolean) default: true --ignoreexceptions (boolean) default: false --ignoreexceptionsalways (boolean) default: false --importfilter (string) --innerclasses (boolean) default: true --instanceofpattern (boolean) default: true if class file from version 58.0 (Java 14) or greater, or experimental in 58.0 (Java 14) --j14classobj (boolean) default: false if class file from version 49.0 (Java 5) or greater --jarfilter (string) --labelledblocks (boolean) default: true --lenient (boolean) default: false --liftconstructorinit (boolean) default: true --methodname (string) --obfuscationpath (string) --outputdir (string) --outputpath (string) --override (boolean) default: true if class file from version 50.0 (Java 6) or greater --previewfeatures (boolean) default: true --pullcodecase (boolean) default: false 主动将代码放入case语句 --recordtypes (boolean) default: true if class file from version 58.0 (Java 14) or greater, or experimental in 58.0 (Java 14) --recover (boolean) default: true --recovertypeclash (boolean) --recovertypehints (boolean) --relinkconststring (boolean) default: true --removebadgenerics (boolean) default: true --removeboilerplate (boolean) default: true --removedeadmethods (boolean) default: true --removeinnerclasssynthetics (boolean) default: true --rename (boolean) default: false --renamedupmembers (boolean) default: Value of option 'rename' --renameenumidents (boolean) default: Value of option 'rename' --renameillegalidents (boolean) default: Value of option 'rename' --renamesmallmembers (int >= 0) default: 0 --showinferrable (boolean) default: false if class file from version 51.0 (Java 7) or greater --showversion (boolean) default: true --silent (boolean) default: false --skipbatchinnerclasses (boolean) default: true --stringbuffer (boolean) default: false if class file from version 49.0 (Java 5) or greater --stringbuilder (boolean) default: true if class file from version 49.0 (Java 5) or greater --stringconcat (boolean) default: true if class file from version 53.0 (Java 9) or greater --sugarasserts (boolean) default: true --sugarboxing (boolean) default: true --sugarenums (boolean) default: true if class file from version 49.0 (Java 5) or greater --switchexpression (boolean) default: true if class file from version 57.0 (Java 13) or greater, or experimental in 56.0 (Java 12) --tidymonitors (boolean) default: true --tryresources (boolean) default: true if class file from version 51.0 (Java 7) or greater --usenametable (boolean) default: true --help (string) Please specify '--help optionname' for specifics, eg --help pullcodecasekali@kali:~$ |
Candle
JAVA反汇编引擎介绍
Krakatau https://github.com/Storyyeller/Krakatau
一款用python开发的java反汇编器
用法示例:
python Krakatau/disassemble.py -out temp RecordTest.class
python Krakatau/disassemble.py -out disassembled.zip -roundtrip r0lling-challenge.jar
Volcano github.com/redking00/Volcano
Krakatau的第三方GUI
适用于Linux(x64)和Windows(x64),可以将java二进制文件反汇编成.j文件,将j文件汇编成二进制,使得修改java成为可能
java逆向工程集成化工具
Bytecode Viewer 官网:bytecodeviewer.com https://github.com/Konloch/bytecode-viewer konloch.me一停摆 api:https://the.bytecode.club/docs/bytecode-viewer/
具有多个java反编译引擎的开源图形化类java反编译器
六个不同的JAVA反编译器,两个BYTECODE编辑器,一个JAVA编译器。类java指定的是安卓的使用非标准java。它用java开发编写的开源软件。支持win、linux、osx平台,输入可以是apk、dex、jar,class文件
用法:
直接推拽,菜单栏中的view可以修改引擎
帮助:
无
JEB https://www.pnfsoftware.com/
旨在打造成反编译多种文件和cpu架构的全能工具
起初是专注安卓逆向,现在不仅仅支持java和dex可执行文件,还支持pdf和多种架构。它类似IDA pro工具,是商业化软件。发展迅速
专注于安卓apk的java逆向工具
JADX https://github.com/skylot/jadx
Dex、Apk文件直接生成Java伪码的命令行和图形化开源java反编译器
该工具可以直接将安卓可执行程序直接反编译成java代码,方便我们查看代码。无需用dex转jar,在用jd-gui将jar转java伪代码的繁琐步骤。而且jadx还原成java伪代码要优于jd。
AndroChef http://www.androiddecompiler.com/
apktool
GDA http://www.gda.wiki:9090/index.php
使用起来就是一个字快,支持apk、dex反编译
dex2jar
安卓的java可执行文件dex转java
enjarify
https://github.com/google/enjarify
来自于谷歌官方的dex转jar工具,类似于dex2jar工具
smali2java http://www.hensence.com/cn/smali2java/#Download
smali是dex的汇编代码表示方法,可以修改smali达到修改可执行文件的方法
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 理解Rust引用及其生命周期标识(上)
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?