This project provides a JADX decompiler plugin and a companion Python server to enable live, context-aware reverse engineering of Android applications using Large Language Models (LLMs) like Claude. It targets Android security researchers and reverse engineers seeking to automate code analysis, vulnerability detection, and deobfuscation through AI assistance.

How It Works

The system comprises a JADX plugin (jadx-ai-mcp) and a Python server (jadx-mcp-server) that communicate via the Model Context Protocol (MCP). The JADX plugin exposes various functions to query the decompiled code (e.g., current class source, selected text, all classes) and sends this context to the MCP server. The server then relays this information to an LLM, allowing it to perform analysis, answer questions, and provide suggestions directly within the JADX GUI.

Quick Start & Requirements

• Installation:
  • JADX Plugin: jadx plugins --install "github:zinja-coder:jadx-ai-mcp" or manual JAR installation.
  • MCP Server: Download jadx-mcp-server-<version>.zip, unzip, navigate to the directory, and use uv for dependency management (uv venv, source .venv/bin/activate, uv pip install httpx fastmcp).
• Prerequisites: Java 11+, Python 3.10+, uv package manager.
• LLM Integration: Requires a compatible LLM client (e.g., Claude Desktop with MCP enabled) configured to point to the jadx_mcp_server.py script.
• Resources: Requires JADX, Python environment, and an LLM client. Setup time is minimal for the plugin, but configuring the LLM client and server depends on user familiarity.
• Links:
  • Releases: https://github.com/zinja-coder/jadx-ai-mcp/releases
  • MCP Client: https://github.com/zinja-coder/zin-mcp-client

Highlighted Details

• Real-time code review and AI-powered suggestions within JADX.
• Supports multiple AI agents and provides a rich set of MCP tools for context retrieval.
• Sample prompts cover code understanding, vulnerability detection, deobfuscation, and static analysis.
• Future roadmap includes support for Apktool, Hermes code, and LLM-driven code modification.

Maintenance & Community

The project is actively maintained by zinja-coder. Issues and feature requests can be reported via GitHub issues. The project is built on top of JADX by @skylot.

Licensing & Compatibility

Inherits the Apache 2.0 License from the original JADX repository, allowing for commercial use and closed-source linking.

Limitations & Caveats

The project is primarily tested with Claude Desktop. Support for other AI models and clients is under development. The roadmap indicates features like LLM code modification are planned but not yet implemented.