[feature] Better Deobfuscation for Android

[pawaom]

Better Deobfuscation for Android

Recently came across a Site called apk-deguard , which claims to have "Statistical Deobfuscation for Android"

When we tested it it certainly was better at getting classes which are part of standard Android and Kotlin Libraries as compared to JADX which provided shortened single letter names for those classes, If this feature can be included it will be better for decompiling.

[jpstotz]

The approach to use machine learning to deobfuscate class and package names sounds nice. However the apk-deguard website is just a demo, the underlying implementation is not available for download (at least I wasn't able to find something to download).

So the only option would be to re-implement everything based on the scientific paper. But the required system like Nice2Predict is pretty large and also the trained model is required, which means an integration into Jadx is not suitable.

[pawaom]

This video is of the creator of Apk-deguard

https://www.youtube.com/watch?v=CT_XmRrvDYg

They explain how they had developed their website, hopefully this might help.

[devnoname120]

You could reach out to the professor and/or the doctoral student who worked on this. JSNice (+ trained models) is open-source so they might release the source code and the trained models for apk-deguard if you ask politely.

[thilojaeggi]

Looks like it doesn't work anymore? Always fails for me.