As the saying goes, if a worker wants to do a good job, he must first sharpen his tools!
The rapid development and widespread popularity of mobile applications have brought massive amounts of data, which are of great value for market analysis, user behavior insight, and business optimization. However, due to the particularity and protection measures of mobile applications, traditional crawler technology faces many challenges in collecting mobile application data. Therefore, the importance of App crawler collection and reverse engineering in the crawler field cannot be underestimated
However, App acquisition and reverse engineering is not an easy task. For us, we need to master a series of professional tools and techniques. In this field, choosing the right tools and mastering relevant skills is very important, and they will be our sharp weapons
The following will introduce some recommended App crawler collection and reverse engineering tools, which have been carefully selected and some of the authors have also used them
1. Network packet capture tool :
- Fiddler : A powerful web capture tool for intercepting and analyzing network request and response data
- Charles : A popular cross-platform proxy tool for intercepting, recording and analyzing HTTP/HTTPS traffic
- ProxyDroid : A proxy tool on the Android platform, which can help set up a proxy server, facilitate packet capture and modify network traffic
- PacketCapture : A network packet capture tool on the Android platform, which can capture and analyze network traffic on the device
- Reqable : Early HttpCanary , a network capture tool on the Android platform, can intercept, record and analyze HTTP/HTTPS requests and responses
2. Reverse tools :
- Jadx : A tool for decompiling APK files, which can convert APK files into readable Java source code
- IDA : A powerful disassembly and reverse engineering tool for analyzing and modifying binary files, which can be injected into the APP process after starting the server on the mobile phone to use the dynamic debugging function
- apktool : A tool for decompiling and repacking Android APK files, which can view and modify the resources and codes of APK files.
- dex2jar : A tool for converting Android DEX files to JAR files for easy decompilation and analysis
- jd-gui : A Java bytecode decompilation tool that converts compiled Java class files into readable Java source code
3. Hook tool :
- Xposed : A framework for modularizing Hooks in the Android system, used to modify and extend the behavior of applications
- Frida : A powerful dynamic instrumentation tool that can be used to modify and monitor the behavior of applications at runtime
- Objection : A tool for runtime detection, analysis and modification in iOS and Android apps
- inspeckage : A tool for runtime analysis and detection of Android applications, supporting Hook and dynamic injection functions. Among them, there are Crypto and Hash in its Hook list. These two types are simply precise strikes when cracking the encryption parameters of most APPs, because the encryption parameters of most APPs are inseparable from the four types of MD5 , SHA1 , AES , and DES . They are all in the Hook target ( and not just these four... ), when you open Inspeckage and then open its web terminal, and then open the specified APP operation, a search, the encryption parameters will be invisible
4. Group control automation :
- Appium : An open source automated testing framework for mobile applications. This APP crawler is also used a lot, and it is completely possible to do group control
- AirTest : A cross-platform automated testing framework developed by NetEase, which natively supports group control. Supports automated testing of Android and iOS applications
- ATX : An open source framework for automated testing of Android devices, supporting multiple operations and interactions
- AutoJs : A JavaScript-based Android automated testing framework for simulating user interaction and operations
Well, it's time to say goodbye to everyone here again. It's not easy to create, please give me a like before leaving. Your support is the driving force for my creation, and I hope to bring you more high-quality articles