Tools :: Androguard

Author: Anthony Desnos
Current version: 1.9
Last updated: December 05, 2012
Direct D/L link:
License type: LGPL


Androguard (Android Guard) is primarily a tool written in full python to play with:

  • .class (JavaVM)
  • .dex (DalvikVM)
  • APK
  • JAR
  • Android’s binary xml


  • Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects
  • Diassemble/Decompilation/Modification of DEX/ODEX/APK format
  • Decompilation with the first native (directly from dalvik bytecodes to java source codes) dalvik decompiler (DAD)
  • Access to static code analysis. Includes basic blocks, instructions, permissions (with database from
  • Allows creating your own static analysis tool
  • Analysis a bunch of Android apps
  • Analysis with ipython/Sublime Text Editor
  • Diffing of Android applications
  • Measure the efficiency of obfuscators (proguard, …)
  • Determine if your application has been pirated (plagiarism/similarities/rip-off indicator)
  • Check if an Android application is present in a database (malwares, goodwares ?)
  • Open source database of Android malware (done in limited free time, so help is welcome!)
  • Detection of ad/open source librairies (WIP)
  • Risk indicator of malicious application
  • Reverse engineering of applications (goodwares, malwares)
  • Transform Android’s binary xml (like AndroidManifest.xml) into classic xml
  • Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output
  • Integration with external decompilers (JAD+dex2jar/DED/fernflower/jd-gui…)