Author: yifei / Created: May 30, 2017, 3:31 p.m. / Modified: May 30, 2017, 3:38 p.m.


compile and install jadx

mkdir jadx git clone cd jadx ./gradlew dist # you might need to wait on this

decompile apk

1. change apk to zip file and unzip it
2. copy out the class.dex file
3. build/jadx/bin/jadx -d OUTDIR PATH_TO_CLASS.DEX
or jadxgui PATH


apk studio

如何 sign:

smali code tutorial:

一篇很好的pdf的文档,利用smali code:

安卓中 pinning 的原理

使用自己的keystore实例化 TrustManagerFactory


InputStream in = resources.openRawResource(certificateRawResource);//file name of res/raw keyStore = KeyStore.getInstance("BKS"); keyStore.load(resourceStream, password);

一些现成的 工具 xposed 插件,已测试不好用 需要cydia

豌豆荚商店中有一个 xposed installer miui专版,使用这个可以很好地安装 xposed



另外一些工具 需要cydia 一个基础工具,通过替换trust manager实现

arm 汇编教程


有任何问题可以发邮件到 kongyifei (at) 讨论