DEV.co
Open-Source Security · yhs0602

Android-Disassembler

Android-Disassembler is a mobile app for reverse-engineering binaries on Android devices, supporting ELF, PE, DEX, and other formats. It uses Capstone for disassembly and includes symbol table viewing, export options, and hex analysis.

Source: GitHub — github.com/yhs0602/Android-Disassembler
702
GitHub stars
109
Forks
Kotlin
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryyhs0602/Android-Disassembler
Owneryhs0602
Primary languageKotlin
LicenseMIT — OSI-approved
Stars702
Forks109
Open issues39
Latest releasev2.1.5 (2021-08-06)
Last updated2026-03-22
Sourcehttps://github.com/yhs0602/Android-Disassembler

What Android-Disassembler is

Kotlin-based Android application that wraps Capstone, ELFIO, PECOFF4J, and Smali to disassemble ARM, x86, x64, MIPS, and PowerPC binaries. Supports multi-file projects, syntax highlighting, bytewise entropy analysis, and direct file browser integration via SAF.

Quickstart

Get the Android-Disassembler source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/yhs0602/Android-Disassembler.gitcd Android-Disassembler# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

On-device malware or APK analysis

Analyze suspicious APKs, native libraries (.so), and DEX files directly on Android without a desktop workstation. Useful for security researchers with rooted or unrooted phones.

NDK/JNI library inspection

Examine ARM or x86 shared libraries compiled from native code. View symbol tables, follow jumps, and cross-reference function entry points in compiled NDK modules.

Portable reverse-engineering workflow

Lightweight alternative to desktop tools (IDA, Ghidra) when analyzing binaries on constrained mobile environments. Export projects and details for offline archival or team sharing.

Implementation considerations

  • Git submodules must be initialized before building; requires Android SDK/NDK configuration.
  • App uses SAF (Storage Access Framework) for file access on modern Android; power-user features (root, raw filesystem) are opt-in and separate from default flow.
  • Latest formal release (v2.1.5) is from Aug 2021, but last code push was Mar 2026 (suggests active development branch). Verify stability before production adoption.
  • Capstone-based disassembly is accurate for instruction-level analysis but does not generate high-level IR or decompiled pseudocode.
  • Symbol resolution and IAT/EAT parsing depend on PE/ELF header integrity; malformed or stripped binaries may require manual setup.

When to avoid it — and what to weigh

  • Need production-grade static analysis — App is a UI wrapper around existing libraries; lacks advanced features (CFG generation, data-flow analysis, decompilation). Not suitable as primary security platform.
  • Require commercial support or SLAs — Community-maintained project in 'recovery and modernization' phase. No vendor support, no formal maintenance guarantees, and 39 open issues indicate backlog.
  • Must integrate into automated pipelines — Desktop GUI app designed for interactive use only. No CLI, API, or batch processing; difficult to integrate into CI/CD or server-side workflows.
  • Strict data isolation required — README discloses crash reports may attach analyzed files to GitHub issues. Unsuitable for highly sensitive or confidential binary analysis.

License & commercial use

MIT License. Permits commercial use, modification, and distribution with attribution. Includes dependency on Capstone (ACME License), ELFIO (LGPL), PECOFF4J (Apache 2.0), Smali (Apache 2.0), and other Apache-licensed libraries. Review all transitive dependencies for license compliance.

MIT license allows commercial deployment without royalties. However, transitive dependencies include Apache 2.0 (Java-binutils, PECOFF4J, commons-*, Smali) and LGPL (ELFIO). Ensure your legal team reviews all bundled libraries. No commercial support or SLAs available from the maintainer.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityNeeds review
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

App is a security analysis tool, not a hardened platform. No formal security audit documented. Crash reports may attach analyzed binaries to public GitHub repositories, creating confidentiality risk for sensitive reverse-engineering. Root/raw-filesystem features require elevated permissions; review threat model for untrusted APKs. Capstone library is mature and well-maintained, but app-specific logic may contain bugs—test with non-critical binaries first.

Alternatives to consider

Ghidra (desktop, free, NSA-maintained)

Full-featured decompiler with CFG, data-flow analysis, and scripting. Requires desktop workstation but dramatically superior analysis depth.

IDA Pro (desktop, commercial, Hex-Rays)

Industry standard; supports more architectures and file formats. Expensive but offers commercial support and proven stability.

Radare2 (CLI/desktop, free, open-source)

Scriptable, portable binary analysis framework with plugin ecosystem. Steeper learning curve but better suited for automation and batch workflows.

Software development agency

Build on Android-Disassembler with DEV.co software developers

Download from Play Store or GitHub, test with non-critical binaries, and review the privacy policy before analyzing sensitive code. For enterprise analysis pipelines, compare against Ghidra or Radare2.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

Android-Disassembler FAQ

Can I use this in a security scanning SaaS platform?
Technically yes under MIT, but app design is GUI-only and not headless. You would need to fork, add a CLI/API layer, and handle async file I/O—significant engineering effort. Evaluate Radare2 or Ghidra server editions first.
Does it support Windows PE analysis on Android?
Yes. PECOFF4J library parses PE headers (EXE, DLL, SYS) and extracts IAT/EAT tables. Disassembly of x86/x64 sections is supported via Capstone, but analysis remains instruction-level only.
What happens if I analyze a confidential binary?
README warns: crash reports with FileCorruptedException may attach the analyzed file to GitHub issues and the repository. Avoid analyzing proprietary binaries unless you accept this risk.
Is the app available for iOS?
No. Android-only. iOS lacks native support for interactive disassembly apps due to App Store restrictions on binary modification and dynamic loading.

Software development & web development with DEV.co

DEV.co helps companies turn open-source tools like Android-Disassembler into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your open-source security stack.

Ready to evaluate for your reverse-engineering workflow?

Download from Play Store or GitHub, test with non-critical binaries, and review the privacy policy before analyzing sensitive code. For enterprise analysis pipelines, compare against Ghidra or Radare2.