AI-native Android reverse engineering for Claude Code — 11 skills and 50+ CLI commands for APK analysis, security auditing, and code exploration.
English | 简体中文
📖 Documentation website: https://android-security-engineer.github.io/Apktool-skills/ — searchable command reference, skills, AI integration, and HTTP API (source).
AI-Apktool turns Apktool into an AI-native reverse engineering platform. Every analysis capability emits structured JSON, so Claude Code (or any LLM agent) can reason over an APK without scraping human-readable logs. It ships as a set of Claude Code Skills plus a unified apktool CLI and an optional HTTP API.
- Highlights
- Built on Apktool
- Feature Map
- AI Agent Integration
- Quick Start
- Skills
- Installation
- Usage
- CLI Command Reference
- HTTP API
- Architecture
- Building
- Acknowledgements
- License
- 11 Skills covering the full APK workflow — from a 5-second triage to deep DEX inheritance tracing and malware hunting.
- 51 CLI commands across 7 categories — all analysis commands output JSON, ready for
jqor an LLM. - Batch scripting — run dozens of analysis commands in one pass over a single decoded APK with
run/pipe. - HTTP API — expose the same capabilities over REST with
apktool serve. - Zero log scraping — structured output everywhere, designed for agents.
This is a fork of Apktool (by Connor Tumbleson / iBotPeaches), re-engineered into an AI-native platform. We keep the battle-tested decode/build engine intact and layer an analysis, scripting, and serving surface on top — purpose-built for LLM agents rather than human eyeballs.
| Upstream Apktool | AI-Apktool (this fork) | |
|---|---|---|
| Primary user | Human at a terminal | AI agent / automation |
| Decode / build / framework mgmt | ✅ | ✅ (inherited, unchanged) |
| Output format | Human-readable logs & files | Structured JSON on every analysis command |
| Static analysis commands | — | 38 (security, DEX, components, resources, signing…) |
| Regex search (strings/classes/methods) | — | ✅ search |
| Batch engine (one parse, many commands) | — | ✅ run / pipe |
| LLM prompt / context generation | — | ✅ ai |
| HTTP REST API | — | ✅ serve |
| Machine-readable capability catalog | — | ✅ help --format=json |
| Claude Code Skills | — | ✅ 11 skills |
In short: everything that unpacks and repacks an APK comes from upstream Apktool; everything that reasons about an APK and exposes it to an agent is what this fork adds.
One picture beats a thousand words — the full capability tree at a glance.
Rendered by scripts/feature_tree.py (pure Pillow, zero external deps) — regenerate with python3 scripts/feature_tree.py.
AI-Apktool is AI-native: it offers an agent multiple ways to plug in, all sharing the same JSON-emitting core. Pick the surface that matches your agent's runtime.
The richest path. Install once and Claude Code discovers the 11 skills and invokes the right one automatically based on the task.
claude config add marketplace ai-apktool https://github.com/android-security-engineer/Apktool-skills.git
claude plugin install ai-apktool@ai-apktool
# Then just ask: "analyze this APK" / "is app.apk safe?" / "what changed between v1 and v2?"Every analysis command prints JSON to stdout, so any agent that can run a shell command (OpenAI tool-use, LangChain, a cron job…) consumes the output directly — no log scraping.
apktool analyze app.apk # one-shot full analysis as JSON
apktool security app.apk | jq '.riskScore'Hand the agent a JSON script; it executes all commands against one shared parse with per-command error isolation — far cheaper than N separate invocations.
echo '{"apk":"app.apk","commands":["info","security","signing","api-surface"]}' | apktool pipe
# Ready-made audit/hunt/recon scripts ship in skills/*/scripts/*.jsonFor agents that aren't co-located with the binary, expose the whole capability set over REST.
apktool serve -p 8080
curl 'http://localhost:8080/api/v1/security?apk=/path/to/app.apk' | jq '.riskScore'Let the tool draft the prompt or hand back structured facts for your own model to reason over.
apktool ai app.apk -a security-review # an LLM-ready prompt
apktool ai app.apk -a context # structured AiContext JSON (facts, not prose)Agents can introspect the entire command surface (names, params, output schema, categories) at runtime to plan tool calls dynamically.
apktool help --format=json | jq '.commands | length' # 51# Build the unified CLI
./gradlew build shadowJar
# Full one-shot analysis of an APK
apktool analyze app.apk
# Quick info
apktool info app.apk
# Security audit with a 0-100 risk score
apktool security app.apk
# Compare two versions
apktool diff app_v1.apk app_v2.apk
# Search for patterns
apktool search app.apk "password" -t strings
# Generate an LLM-ready prompt
apktool ai app.apk -a security-review
# Machine-readable help catalog
apktool help --format=jsonAll analysis commands print JSON to stdout, so you can pipe straight into jq:
apktool info app.apk | jq '.packageName'
apktool security app.apk | jq '.riskScore'
apktool api-surface app.apk | jq '.exportedActivities[].name'| Skill | Description | When to use |
|---|---|---|
quick-analysis |
Fast APK assessment | First encounter with an APK |
security-audit |
Comprehensive security audit | Vulnerability assessment, OWASP compliance |
compare |
Version comparison | Checking changes between app versions |
reverse |
Full reverse engineering | Deep analysis, modification, malware investigation |
reference |
CLI command reference | Looking up exact syntax or output format |
decode-build |
Decode & build workflow | Decoding an APK, rebuilding, framework management |
dex-deep-dive |
DEX deep analysis | Class/method/field exploration, inheritance tracing |
network-analysis |
Network communication analysis | Finding endpoints, URLs, cleartext traffic |
malware-hunt |
Malware indicator hunting | Suspicious APK investigation, malicious patterns |
resource-explorer |
Resource & file exploration | Resources, locales, assets, file structure |
signing-verify |
Signing verification | Certificate analysis, signing scheme assessment |
- Claude Code installed
- JDK 17+ (to build the CLI)
git clone https://github.com/android-security-engineer/Apktool-skills.git
cd Apktool-skills
./gradlew build shadowJar
# The unified wrapper is ./apktool — add it to your PATH if you like# Add the marketplace
claude config add marketplace ai-apktool https://github.com/android-security-engineer/Apktool-skills.git
# Install the plugin
claude plugin install ai-apktool@ai-apktoolgit clone https://github.com/android-security-engineer/Apktool-skills.git ~/.claude/skills/ai-apktoolclaude skill list
# Expected:
# ai-apktool:quick-analysis
# ai-apktool:security-audit
# ai-apktool:compare
# ai-apktool:reverse
# ai-apktool:reference
# ai-apktool:decode-build
# ai-apktool:dex-deep-dive
# ai-apktool:network-analysis
# ai-apktool:malware-hunt
# ai-apktool:resource-explorer
# ai-apktool:signing-verifyOnce installed, Claude Code automatically recognizes APK-related tasks and invokes the right Skill.
/quick-analysis analyze this APK: /path/to/app.apk
/security-audit run a security audit on app.apk
/compare compare app_v1.apk and app_v2.apk
/reverse reverse engineer app.apk
/reference show the usage of the search command
User: analyze this APK file
AI: [uses the quick-analysis skill]
1. runs: apktool analyze /path/to/app.apk
2. reports findings:
- package: com.example.app v2.1.0
- risk score: 35/100 (medium)
- 3 dangerous permissions: CAMERA, RECORD_AUDIO, ACCESS_FINE_LOCATION
- 2 unprotected exported activities
- signer: CN=Developer, O=Example Inc
51 commands across 7 categories. Run apktool help --format=json for the full machine-readable catalog.
| Command | Description |
|---|---|
decode / d |
Decode an APK to smali + resources |
build / b |
Build an APK from a decoded directory |
install-framework / if |
Install a framework APK |
clean-frameworks / cf |
Clean framework files |
list-frameworks / lf |
List installed framework files |
publicize-resources / pr |
Make resources public in the ARSC |
| Group | Commands |
|---|---|
| Metadata | info, manifest, manifest-xml, sdk-info, version, apk-version, apk-info |
| Components | activities, services, receivers, providers, components, api-surface |
| Permissions | permissions, permission-detail |
| Security | security, signing, manifest-flags |
| DEX & code | dex-list, dex-info, dex-strings, class-list, class-info, method-search, field-search, inheritance, structure |
| Resources & files | resources, resource-packages, lib-frame-packages, uses-libs, locales, native-libs, file-list, file-hash, asset-list |
| Combined | analyze (one-shot, everything) |
| Command | Description |
|---|---|
search |
Search strings / classes / methods by regex (-t strings|classes|methods); strings extracts with -p <pattern> |
| Command | Description |
|---|---|
run |
Run a JSON script of analysis commands against an APK (single shared parse) |
pipe |
Read JSON commands from stdin and execute them against an APK |
Example script (analysis.json):
{
"apk": "app.apk",
"commands": [
"info",
"security",
"signing",
{ "command": "search", "params": { "type": "strings", "pattern": "password|secret|key" } },
"analyze"
]
}apktool run analysis.json
echo '{"apk":"app.apk","commands":["info","security"]}' | apktool pipe app.apkCommands run against a single shared parse of the APK, and a failure in one command never stops the others (error isolation).
| Command | Description |
|---|---|
ai |
Generate LLM-ready prompts (-a explain|security-review|summarize|context) |
serve |
Start the HTTP API server (-p <port>, default 8080) |
apktool serve -p 8080
curl 'http://localhost:8080/api/v1/info?apk=/path/to/app.apk'
curl 'http://localhost:8080/api/v1/security?apk=/path/to/app.apk' | jq '.riskScore'Nearly every analysis command has a matching GET /api/v1/<command>?apk=<path> endpoint, plus POST endpoints for operations (decode, build, install-framework, …). See CLAUDE.md for the full endpoint list.
skills/
quick-analysis/ — fast triage workflow
security-audit/ — security audit workflow
compare/ — version comparison workflow
reverse/ — reverse engineering workflow
reference/ — command reference
decode-build/ — decode & build workflow
dex-deep-dive/ — DEX deep analysis workflow
network-analysis/ — network communication workflow
malware-hunt/ — malware hunting workflow
resource-explorer/ — resource exploration workflow
signing-verify/ — signing verification workflow
brut.apktool/
apktool-lib/ — core library (ApkAnalyzer, ApkSearcher, ApkDiff, ScriptRunner)
apktool-cli/ — unified `apktool` CLI entry point (Main.java)
apktool-serve/ — HTTP API server (Javalin)
apktool-ai-cli/ — skill dispatch layer
.claude-plugin/
plugin.json — plugin metadata
marketplace.json — marketplace config
CLAUDE.md — AI entry-point documentation
apktool — unified CLI wrapper script
The library layer is the single source of truth: every CLI command, HTTP endpoint, and skill dispatch ultimately calls the same ApkAnalyzer / ApkSearcher / ApkDiff methods, guaranteeing consistent JSON across all surfaces.
./gradlew build shadowJar
# then use: apktool <command>Requires JDK 17+. The shadowJar task produces a self-contained CLI jar that the apktool wrapper script invokes.
AI-Apktool is built on top of Apktool by Connor Tumbleson and the iBotPeaches team. All decode/build/resource-handling capabilities come from that project — this repository layers an AI-native analysis, scripting, and HTTP surface on top. Huge thanks to the upstream maintainers.
Apache License 2.0 — consistent with upstream Apktool.
