jadx-ai-mcp MCP — Cas d'usage, Installer & Démo en direct

Name: jadx-ai-mcp MCP Server
Author: zinja-coder

Pourquoi l'utiliser

Fonctionnalités clés

25+ MCP tools for Android APK analysis, refactoring, and debugging
Real-time decompiled code access with AI recommendations
Cross-reference tracking for classes, methods, and fields with pagination
Code refactoring: rename classes, methods, fields, packages, and variables
Debugger integration with stack frames, threads, and variable inspection

Démo en direct

Aperçu en pratique

jadx-ai-mcp.replay ▶ prêt

0/0

Installer

Choisissez votre client

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

Ouvrez Claude Desktop → Settings → Developer → Edit Config. Redémarrez après avoir enregistré.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

Cursor utilise le même schéma mcpServers que Claude Desktop. La config projet l'emporte sur la globale.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

Cliquez sur l'icône MCP Servers dans la barre latérale Cline, puis "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

Même format que Claude Desktop. Redémarrez Windsurf pour appliquer.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "jadx-ai-mcp",
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  ]
}

Continue utilise un tableau d'objets serveur plutôt qu'une map.

~/.config/zed/settings.json

{
  "context_servers": {
    "jadx-ai-mcp": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/zinja-coder/jadx-ai-mcp"
        ]
      }
    }
  }
}

Ajoutez dans context_servers. Zed recharge à chaud à la sauvegarde.

claude mcp add jadx-ai-mcp -- TODO 'See README: https://github.com/zinja-coder/jadx-ai-mcp'

Une seule ligne. Vérifiez avec claude mcp list. Supprimez avec claude mcp remove.

Cas d'usage

Usages concrets : jadx-ai-mcp

How to analyze an Android APK with AI assistance using JADX

👤 Mobile security researchers analyzing APKs they have authorization to test ⏱ ~45 min intermediate

Quand l'utiliser : You have an APK to analyze and want AI to help understand its behavior.

Prérequis

JADX with jadx-ai-mcp plugin — jadx plugins --install 'github:zinja-coder:jadx-ai-mcp'
JADX MCP Server running — Set up the Python MCP server with uv

Déroulement

Check the manifest

Get the AndroidManifest.xml. What permissions does this app request and what components (activities, services, receivers) does it declare?✓ Copié

→ Parsed manifest with permission analysis
Find interesting classes

Search for classes related to network communication or encryption. List them with their methods.✓ Copié

→ Filtered class list with method signatures
Analyze and rename

Get the source code of the main network class. Rename obfuscated methods to descriptive names based on their behavior.✓ Copié

→ Decompiled code with meaningful names applied

Résultat : An annotated view of the APK with key functionality understood and obfuscation partially reversed.

Pièges

Heavily obfuscated apps resist decompilation — Use get_smali_of_class for bytecode-level analysis when decompilation fails

Combiner avec : filesystem

Debug an Android app with AI-assisted breakpoint analysis

👤 Android developers and security researchers debugging app behavior ⏱ ~30 min advanced

Quand l'utiliser : You need to understand runtime behavior that isn't clear from static analysis.

Prérequis

JADX configured for debugging — Connect JADX debugger to a running Android app or emulator

Déroulement

Set breakpoints and inspect

I'm debugging the login flow. Show me the current stack frames and local variables at the authentication method.✓ Copié

→ Stack trace with variable values at the breakpoint

Résultat : Runtime understanding of app behavior at critical code points.

Pièges

App detects debugger and exits — Look for anti-debugging checks in the code and bypass them before attaching

Combinaisons

Associez-le à d'autres MCPs pour un effet X10

jadx-ai-mcp + filesystem

Export decompiled and annotated code for documentation

Export the decompiled source of the authentication module and save it to ~/analysis/auth-module.java.✓ Copié

Outils

Ce que ce MCP expose

Outil	Entrées	Quand appeler
fetch_current_class	none	Get the currently selected class source code
search_classes_by_keyword	keyword: str	Find classes matching a keyword
get_android_manifest	none	Retrieve the AndroidManifest.xml
rename_class	old_name: str, new_name: str	Rename an obfuscated class
xrefs_to_method	class_name: str, method_name: str	Find all references to a method
get_smali_of_class	class_name: str	Get Dalvik bytecode (smali) for a class
debug_get_stack_frames	none	Get current debugger stack frames

Coût et limites

Coût d'exécution

Quota d'API: N/A — fully local
Tokens par appel: 200–2000 tokens per tool call
Monétaire: Free — both JADX and the plugin are open source
Astuce: Use search_classes_by_keyword to narrow targets before fetching full class sources.

Sécurité

Permissions, secrets, portée

Stockage des identifiants : N/A

Sortie de données : All analysis is local. No network calls from the MCP server.

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
Only analyze APKs you have legal right to reverse engineer.

Dépannage

Erreurs courantes et correctifs

Plugin not loading in JADX

Ensure JADX version is compatible. Try reinstalling with: jadx plugins --install 'github:zinja-coder:jadx-ai-mcp'

Vérifier : jadx plugins --list

MCP server connection failed

Ensure the JADX MCP Server is running and the port matches your client config.

Vérifier : Check the server terminal for startup messages

Class not found in search

Obfuscated names may not match your search. Try broader patterns or search by method signatures.

Vérifier : get_all_classes to see available class names

Alternatives

jadx-ai-mcp vs autres

Alternative	Quand l'utiliser	Compromis
jadx-mcp-server	You only need the MCP server component without the JADX plugin	Server-only — still needs the jadx-ai-mcp plugin in JADX
GhidrAssistMCP	You want to analyze native binaries rather than Android Dalvik bytecode	Native binary focus vs Android-specific tools

Plus

Ressources

📖 Lire le README officiel sur GitHub

🐙 Voir les issues ouvertes

🔍 Parcourir les 400+ serveurs MCP et Skills