diff --git a/android-reverse-engineering/SKILL.md b/android-reverse-engineering/SKILL.md new file mode 100644 index 0000000..98745fa --- /dev/null +++ b/android-reverse-engineering/SKILL.md @@ -0,0 +1,59 @@ +--- +name: android-reverse-engineering +description: "Decompile Android APK/XAPK/JAR/AAR files and extract/document HTTP APIs (Retrofit/OkHttp/URLs) with a repeatable workflow." +version: 1.0.0 +author: "SimoneAvogadro (fork: gmh5225)" +tags: [android, reverse-engineering, jadx, fernflower, vineflower, dex2jar, okhttp, retrofit, api] +trigger: decompile APK|decompile XAPK|reverse engineer Android|extract API|analyze Android|jadx|fernflower|vineflower|follow call flow|decompile JAR|decompile AAR|Android reverse engineering|find API endpoints +--- + +# Android Reverse Engineering & API Extraction + +This skill provides a structured workflow to: +- decompile Android artifacts (APK/XAPK/JAR/AAR) +- trace call flows from entry points to network layers +- extract and document HTTP APIs (Retrofit endpoints, OkHttp calls, hardcoded URLs, auth patterns) + +## Prerequisites + +- Java JDK 17+ +- `jadx` (CLI) +- Optional (recommended): Vineflower/Fernflower, dex2jar + +## Workflow (high-level) + +1. **Decompile** + - Use `jadx` first for a broad pass (resources + sources) + - Use Fernflower/Vineflower for better Java output on tricky code; compare when needed +2. **Analyze structure** + - Identify launcher Activity, Application class, and DI setup + - Map packages: `api`, `network`, `data`, `repository`, `service`, `retrofit`, `http` +3. **Trace call flows** + - UI entry point → ViewModel/Presenter → Repository → API service → HTTP client call +4. **Extract APIs** + - Retrofit: interface annotations (`@GET`, `@POST`, …) + - OkHttp: `Request.Builder`, `HttpUrl`, interceptors + - URLs: string literals (`http://`, `https://`) and base URL builders +5. **Document endpoints** + +Use this template for each endpoint you discover: + +```markdown +### `METHOD /path` + +- **Source**: `com.example.api.ApiService` (ApiService.java:42) +- **Base URL**: `https://api.example.com/v1` +- **Path params**: `id` (String) +- **Query params**: `page` (int), `limit` (int) +- **Headers**: `Authorization: Bearer ` +- **Request body**: `{ "email": "string", "password": "string" }` +- **Response**: `ApiResponse` +- **Called from**: `LoginActivity → LoginViewModel → UserRepository → ApiService` +``` + +## Notes + +This repository also ships a **Claude Code plugin** implementation (scripts, references, and the `/decompile` slash command) under: + +- `plugins/android-reverse-engineering/` + diff --git a/plugins/android-reverse-engineering/skills/android-reverse-engineering/SKILL.md b/plugins/android-reverse-engineering/skills/android-reverse-engineering/SKILL.md index 1c4ce95..9e046da 100644 --- a/plugins/android-reverse-engineering/skills/android-reverse-engineering/SKILL.md +++ b/plugins/android-reverse-engineering/skills/android-reverse-engineering/SKILL.md @@ -1,4 +1,9 @@ --- +name: android-reverse-engineering +description: "Decompile Android APK/XAPK/JAR/AAR files and extract/document HTTP APIs (Retrofit/OkHttp/URLs) with a repeatable workflow." +version: 1.0.0 +author: "SimoneAvogadro (fork: gmh5225)" +tags: [android, reverse-engineering, jadx, fernflower, vineflower, dex2jar, okhttp, retrofit, api] trigger: decompile APK|decompile XAPK|reverse engineer Android|extract API|analyze Android|jadx|fernflower|vineflower|follow call flow|decompile JAR|decompile AAR|Android reverse engineering|find API endpoints --- diff --git a/skills/android-reverse-engineering/SKILL.md b/skills/android-reverse-engineering/SKILL.md new file mode 100644 index 0000000..89392cc --- /dev/null +++ b/skills/android-reverse-engineering/SKILL.md @@ -0,0 +1,59 @@ +--- +name: android-reverse-engineering +description: "Decompile Android APK/XAPK/JAR/AAR files and extract/document HTTP APIs (Retrofit/OkHttp/URLs) with a repeatable workflow." +version: 1.0.0 +author: "SimoneAvogadro (fork: gmh5225)" +tags: [android, reverse-engineering, jadx, fernflower, vineflower, dex2jar, okhttp, retrofit, api] +trigger: decompile APK|decompile XAPK|reverse engineer Android|extract API|analyze Android|jadx|fernflower|vineflower|follow call flow|decompile JAR|decompile AAR|Android reverse engineering|find API endpoints +--- + +# Android Reverse Engineering & API Extraction + +This skill provides a structured workflow to: +- decompile Android artifacts (APK/XAPK/JAR/AAR) +- trace call flows from entry points to network layers +- extract and document HTTP APIs (Retrofit endpoints, OkHttp calls, hardcoded URLs, auth patterns) + +## Prerequisites + +- Java JDK 17+ +- `jadx` (CLI) +- Optional (recommended): Vineflower/Fernflower, dex2jar + +## Workflow (high-level) + +1. **Decompile** + - Use `jadx` first for a broad pass (resources + sources) + - Use Fernflower/Vineflower for better Java output on tricky code; compare when needed +2. **Analyze structure** + - Identify launcher Activity, Application class, and DI setup + - Map packages: `api`, `network`, `data`, `repository`, `service`, `retrofit`, `http` +3. **Trace call flows** + - UI entry point → ViewModel/Presenter → Repository → API service → HTTP client call +4. **Extract APIs** + - Retrofit: interface annotations (`@GET`, `@POST`, …) + - OkHttp: `Request.Builder`, `HttpUrl`, interceptors + - URLs: string literals (`http://`, `https://`) and base URL builders +5. **Document endpoints** + +Use this template for each endpoint you discover: + +```markdown +### `METHOD /path` + +- **Source**: `com.example.api.ApiService` (ApiService.java:42) +- **Base URL**: `https://api.example.com/v1` +- **Path params**: `id` (String) +- **Query params**: `page` (int), `limit` (int) +- **Headers**: `Authorization: Bearer ` +- **Request body**: `{ "email": "string", "password": "string" }` +- **Response**: `ApiResponse` +- **Called from**: `LoginActivity → LoginViewModel → UserRepository → ApiService` +``` + +## Notes + +This repository is primarily a **Claude Code plugin**. The full implementation (scripts, references, and the `/decompile` slash command) lives under: + +- `plugins/android-reverse-engineering/` +