From Collaborative RCE Tool Library

Jump to: navigation, search

Java Tools


Tool name: jClazzME
Rating: 5.0 (1 vote)
Author: Annimon                        
Website: http://annimon.wen.ru
Current version: 1.2.3
Last updated: June 8, 2009
Direct D/L link: bin_jClazzME_2010-6-1_14.44__jClazzME.jar
License type: Unknown - Open Source
Description: jClazzME is a tool for decompiling Java class file.

jClazzME is a J2ME application . Therefore it would work for any mobile phone that support J2ME with JSR-75.

jClazzME is also a Java disassembler.
Also listed in: Decompilers, Java Decompilers, Mobile Platform Decompilers, Mobile Platform Tools, Symbian Tools
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Java Decompiler
Rating: 5.0 (1 vote)
Author: Java Decompiler project                        
Website: http://java.decompiler.free.fr
Current version: 0.3.2
Last updated: March 20, 2010
Direct D/L link: N/A
License type: Free
Description: The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.

JD-Core is a freeware library that reconstructs Java source code from one or more “.class” files. JD-Core may be used to recover lost source code and explore the source of Java runtime libraries. New features of Java 5, such as annotations, generics or type “enum”, are supported. JD-GUI and JD-Eclipse include JD-Core library.

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.

JD-Eclipse is a plug-in for the Eclipse platform. It allows you to display all the Java sources during your debugging process, even if you do not have them all.

JD-Core, JD-GUI and JD-Eclipse are free for non-commercial use. This means that JD-Core, JD-GUI and JD-Eclipse shall not be included or embedded into commercial software products. Nevertheless, these projects may be freely used for personal needs in a commercial or non-commercial environments.
Also listed in: Java Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Javassist
Rating: 5.0 (1 vote)
Author: Shigeru Chiba                        
Website: http://www.csg.is.titech.ac.jp/~chiba/javassist/
Current version: 3.12.0.GA
Last updated: April 16, 2010
Direct D/L link: N/A
License type: Free
Description: Javassist (Java Programming Assistant) makes Java bytecode manipulation simple. It is a class library for editing bytecodes in Java; it enables Java programs to define a new class at runtime and to modify a class file when the JVM loads it. Unlike other similar bytecode editors, Javassist provides two levels of API: source level and bytecode level. If the users use the source-level API, they can edit a class file without knowledge of the specifications of the Java bytecode. The whole API is designed with only the vocabulary of the Java language. You can even specify inserted bytecode in the form of source text; Javassist compiles it on the fly. On the other hand, the bytecode-level API allows the users to directly edit a class file as other editors.

Aspect Oriented Programming: Javassist can be a good tool for adding new methods into a class and for inserting before/after/around advice at the both caller and callee sides.

Reflection: One of applications of Javassist is runtime reflection; Javassist enables Java programs to use a metaobject that controls method calls on base-level objects. No specialized compiler or virtual machine are needed.
Also listed in: Java Code Injection Tools, Java Executable Editors & Patchers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: radare
Rating: 5.0 (2 votes)
Author: pancake                        
Website: http://www.radare.org
Current version: 2.0.0
Last updated: October 10, 2017
Direct D/L link: http://bin.rada.re/radare2-w32-2.0.0.zip
License type: LGPL
Description: The radare project aims to provide a complete unix-like toolchain for working with binary files. It currently provides a set of tools to work with 6502, 8051, arc, arm64, avr, brainfuck, whitespace, malbolge, cr16, dcpu16, ebc, gameboy, h8300, tms320, nios2, x86, x86_64, mips, arm, snes, sparc, csr, m68k, powerpc, dalvik and java.

The main program is 'r2' a commandline hexadecimal editor with support for debugging, disassembling, analyzing structures, searching data, analyzing code and support for scripting with bindings for Python, NodeJS, Perl, Ruby, Go, PHP, Vala, Java, Lua, OCaml.

Radare comes with the unix phylosophy in mind. Each module, plugin, tool performs a specific task and each command can be piped to another to extend its functionality. Also, it treats everything as a file: processes, sockets, files, debugger sessions, libraries, etc.. Everything is mapped on a virtual address space that can be configured to map multiple files on it and segment it.

If you are interested or feel attracted by the project join us in the #radare channel at irc.freenode.net.

See website for more details.
Also listed in: .NET Disassemblers, Assemblers, Binary Diff Tools, Code Injection Tools, Debuggers, Disassemblers, Hex Editors, Java Disassembler Libraries, Linux Debuggers, Linux Disassemblers, Linux Tools, Memory Dumpers, Memory Patchers, Process Dumpers, Reverse Engineering Frameworks, Ring 3 Debuggers, String Finders, Symbol Retrievers, SysCall Monitoring Tools, Tracers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Jad
Rating: 4.0 (1 vote)
Author: Pavel Kouznetsov                        
Website: http://www.kpdus.com/jad.html
Current version: 1.5.8g
Last updated: July 2, 2006
Direct D/L link: Locally archived copy
License type: Free
Description: Jad - the fast JAva Decompiler

Jad is a Java decompiler, i.e. program that reads one or more Java class files and converts them into Java source files which can be compiled again.

Jad is a 100% pure C++ program and it generally works several times faster than decompilers written in Java.
Jad doesn't use the Java runtime for its functioning, therefore no special setup is required (like changes to the CLASSPATH variable).

Jad can be used:

* for recovering lost source codes;
* for exploring the sources of Java runtime libraries;
* as a Java disassembler;
* as a Java source code cleaner and beautifier. just kidding

Jad expects that supplied Java class files are valid ones, i.e. they can pass the Java Virtual Machine (JVM) verification successfully.

The Jad main features:

* Enhanced readability of the generated source code.
* Ability to comment Java source code with JVM bytecodes. Useful for verification and educational purposes.
* Full support for inner and anonymous classes.
* Fast decompilation and simple setup.
* Automatic conversion of identifiers garbled by Java obfuscators into valid ones.
* Free for non-commercial use. If you would like to use Jad for commercial purposes, please contact me for conditions.
Also listed in: Java Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Androguard
Rating: 0.0 (0 votes)
Author: Anthony Desnos                        
Website: http://code.google.com/p/androguard/
Current version: 0.9
Last updated: September 25, 2011
Direct D/L link: http://androguard.googlecode.com/files/androguard-0.9.tar.gz
License type: LGPL
Description: Androguard (Android Guard) is primarily a tool written in full python to play with :
- .class (JavaVM)
- .dex (DalvikVM)
- APK
- JAR
- Android's binary xml

Androguard has the following features :
- Map and manipulate (read/write) DEX/CLASS/APK/JAR files into full Python objects,
- Native support of DEX code in a c++ library,
- Access to the static analysis of your code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,
- Check if an android application is present in a database (malwares, goodwares ?),
- Open source database of android malwares,
- Diffing of android applications,
- Measure the efficiency of obfuscators (proguard, ...),
- Determine if your application has been pirated (rip-off indicator),
- Risk indicator of malicious application,
- Reverse engineering of applications (goodwares, malwares),
- Transform Android's binary xml (like AndroidManifest.xml) into classic xml,
- Visualize your application into cytoscape (by using xgmml format), or PNG/DOT output,
- Patch JVM classes, add native library dependencies,
- Dump the jvm process to find classes into memory,
- ...
Also listed in: Android Tools, Binary Diff Tools, Disassembler Libraries, Disassemblers, Entropy Analyzers, Java Disassembler Libraries, Malware Analysis Tools
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: BCEL
Rating: 0.0 (0 votes)
Author: The Apache Jakarta Project                        
Website: http://jakarta.apache.org/bcel
Current version: 5.2
Last updated: June 6, 2006
Direct D/L link: N/A
License type: Free / Open Source
Description: The Byte Code Engineering Library is intended to give users a convenient possibility to analyze, create, and manipulate (binary) Java class files (those ending with .class). Classes are represented by objects which contain all the symbolic information of the given class: methods, fields and byte code instructions, in particular.

Such objects can be read from an existing file, be transformed by a program (e.g. a class loader at run-time) and dumped to a file again. An even more interesting application is the creation of classes from scratch at run-time. The Byte Code Engineering Library (BCEL) may be also useful if you want to learn about the Java Virtual Machine (JVM) and the format of Java .class files.

BCEL contains a byte code verifier named JustIce, which usually gives you much better information about what's wrong with your code than the standard JVM message.

BCEL is already being used successfully in several projects such as compilers, optimizers, obsfuscators, code generators and analysis tools. Unfortunately there hasn't been much development going on over the past few years.
Also listed in: Java Disassembler Libraries
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Bytecode Viewer
Rating: 0.0 (0 votes)
Author: Konloch                        
Website: https://bytecodeviewer.com/
Current version: 2.9.11 (JRE 8, 9 & 10)
Last updated: March 26, 2018
Direct D/L link: Locally archived copy
License type: Open source
Description: FEATURES:

* Easy to use yet extremely effective.

* Written to run on Java 7, supports Java 8.

* Compile Decompiled Java classes with Ranino Compiler.

* Quickly decompile classes using JD-Core.

* Easily edit APKs via Smali/Baksmali integration.

* Java Decompiling with five different decompilers (DJ-GUI/Core, Procyon, CFR, Fernflower and Krakatau).

* Bytecode Decompiling with CFIDE.

* Android APK integrated with Dex2Jar.

* Securely launch Java applications and insert hooks via EZ-Injection.

* Scan for malicious code with the Malicious Code Scanner plugin.

* Export as DEX, Jar, Class, Zip or Java Source File.

* Open Android APKs, Android DEX, Java Class Files and Java Jars.

* Extensively configurable, over 100+ settings!

* Works seamlessly with all Operating Systems.

* Integrate BCV into Windows by installing it, it'll associate all .class, .dex and .apk to open with BCV.

* View Jar & APK Resources with ease by APKTool.jar integration.

* 100% free and open sourced under GPL v3 CopyLeft.
Also listed in: Java Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: DED
Rating: 0.0 (0 votes)
Author: Damien Octeau, Patrick McDaniel, William Enck                         
Website: http://siis.cse.psu.edu/ded/
Current version: 0.7.1
Last updated: August 17, 2011
Direct D/L link: http://siis.cse.psu.edu/ded/downloads.html
License type: free (copyrighted material)
Description: Background:
ded is a project which aims at decompiling Android applications. The ded tool retargets Android applications in .dex format to traditional .class files. These .class files can then be processed by existing Java tools, including decompilers. Thus, Android applications can be analyzed using a vast range of techniques developed for traditional Java applications.

Usage:
% ded-<version> -d <output dir> <dex/apk file>
Also listed in: Android Tools, Java Disassembler Libraries
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: DJ Java Decompiler
Rating: 0.0 (0 votes)
Author: A. Neshkov                        
Website: http://members.fortunecity.com/neshkov/dj.html
Current version: 3.10.10.93
Last updated: February 21, 2008
Direct D/L link: Locally archived copy
License type: Free
Description: With DJ Java Decompiler you can decompile java CLASS files and save it in text or other format. It's simple and easy.
DJ Java Decompiler is Windows 95/98/Me/NT/2000/XP/2003/Vista decompiler and disassembler for Java that reconstructs the original source code from the compiled binary CLASS files (for example Java applets). DJ Java Decompiler is able to decompile complex Java applets and binaries, producing accurate source code. DJ Java Decompiler is a stand-alone Windows application; it doesn't require having Java installed! DJ Java Decompiler is not just Java decompiler and disassembler but it is also a fully featured Java editor using the graphic user interface with syntax-coloring. Using DJ Java Decompiler is easy. Select Open and load your desired class file, or just double-click the CLASS file you want to decompile. DJ Java Decompiler supports drag-and-drop functions for OLE. You will see the source code instantly! In Windows Explorer Right mouse-button pop-up menu available too. You can decompile or disassembler a CLASS files on your computer hard disk or on a network drive that you have a connection to (you must have a full access rights or just change the default output directory for .jad files). You don't need to have the Java Virtual Machine or any other Java SDK installed. But this latest release is able to compile, run, create JAR archives and run applets outside of the context of a Web browser when JDK is installed. With DJ Java Decompiler you can decompile more than one java class file at one time. This release enables users to decompile "dead" parts of code.
DJ Java Decompiler is suitable for studying JAVA bytecode. DJ Java Decompiler enables users to save, print, edit and compile the generated java code (see Why is a DJ Java Decompiler useful). Included Applet Tag Editor enables users to create applets quickly. Included "Archiver" tool is a simple archive file manager wich enables users to work with .JAR, .ZIP and .EXE archives (see New features in version 3.10.10.93 and New features in version 3.9.9.91)
DJ Java Decompiler is a graphical decompiler and disassembler for Windows 95/98/Me/NT/2000/XP/2003/Vista that uses the command-line version of Jad as its decompiling engine.
DJ Java Decompiler is written and supported by Atanas Neshkov. If you have any questions, bug reports or comments regarding DJ Java Decompiler, please send e-mail to at_neshkov@yahoo.com
DJ Java Decompiler 3.7.7.81 is a freeware software. I hope you will enjoy having it and will find it useful to you! If you like this program and want to help it's author to continue working on it and improving it, you may contribute a modest / small donation, which I would be extremely grateful to receive from you!
Also listed in: Java Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: dirtyJOE
Rating: 0.0 (0 votes)
Author: ReWolf                        
Website: http://dirty-joe.com
Current version: 1.6 (c472)
Last updated: November 28, 2013
Direct D/L link: http://dirty-joe.com/bin/rewolf_dirtyjoe_v1.6_(c472)_x86.zip
License type: Free
Description: dirtyJOE - Java Overall Editor is a complex editor and viewer for compiled java binaries (.class files).

dirtyJOE is free for non-commercial use.
dirtyJOE is entirely written in C++.
dirtyJOE is using Python library as a script engine.

Main features:
* Viewer for: constant pool, methods, fields, attributes
* Editor for: constant pool, bytecode, file header, attributes
* Python scripting for encrypted strings
Also listed in: Java Executable Editors & Patchers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: JD-GUI
Rating: 0.0 (0 votes)
Author: emmanue1                        
Website: http://jd.benow.ca/
Current version: 1.0.0
Last updated: March 25, 2018
Direct D/L link: N/A
License type: Open source
Description: JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.
Also listed in: Java Decompilers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: JavaSnoop
Rating: 0.0 (0 votes)
Author: Aspect Security                        
Website: https://www.aspectsecurity.com/research/appsec_tools/javasnoop/
Current version: 1.1 RC2
Last updated: January 15, 2012
Direct D/L link: Locally archived copy
License type: Free
Description: A tool that lets you intercept methods, alter data and otherwise test the security of Java applications on your computer

Normally, without access to the original source code, testing the security of a Java client is unpredictable at best and unrealistic at worst. With access the original source, you can run a simple Java program and attach a debugger to it remotely, stepping through code and changing variables where needed. Doing the same with an applet is a little bit more difficult.

Unfortunately, real-life scenarios don’t offer you this option, anyway. Compilation and decompilation of Java are not really as deterministic as you might imagine. Therefore, you can’t just decompile a Java application, run it locally and attach a debugger to it.

Next, you may try to just alter the communication channel between the client and the server, which is where most of the interesting things happen anyway. This works if the client uses HTTP with a configurable proxy. Otherwise, you’re stuck with generic network traffic altering mechanisms. These are not so great for almost all cases, because the data is usually not plaintext. It’s usually a custom protocol, serialized objects, encrypted, or some combination of those.

JavaSnoop attempts to solve this problem by allowing you attach to an existing process (like a debugger) and instantly begin tampering with method calls, run custom code, or just watch what’s happening on the system.
Also listed in: Java Code Injection Tools, Network Monitoring Tools, Network Sniffers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: jclasslib
Rating: 0.0 (0 votes)
Author: ej-technologies                        
Website: http://www.ej-technologies.com/products/jclasslib/overview.html
Current version: 3.0
Last updated: January 14, 2005
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode. In addition, it contains a library that enables developers to read, modify and write Java class files and bytecode.
Also listed in: Java Disassembler Libraries
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)


RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Subcategories

There are 4 subcategories to this category.





Views