/ 目錄 / 演練場 / jadx-ai-mcp
← 全部伺服器 ↗ GitHub
● 社群 zinja-coder ⚡ 即開即用

jadx-ai-mcp

作者 zinja-coder · zinja-coder/jadx-ai-mcp

JADX plugin for AI-powered Android APK analysis — decompile, search, rename, debug, and trace xrefs with LLM assistance.

jadx-ai-mcp is a JADX decompiler plugin that integrates with MCP to enable AI-assisted Android APK reverse engineering. It provides 25+ tools for code analysis (class/method browsing, smali access), resource inspection (AndroidManifest, strings), refactoring (rename classes, methods, fields, variables), debugging (stack frames, threads, variables), and cross-reference tracking. Works with Claude Desktop, Cherry Studio, and other MCP clients.

▶ 觀看演示 📦 安裝 💡 使用場景

為什麼要用

核心特性

即時演示

實際使用效果

jadx-ai-mcp.replay ▶ 就緒
0/0

安裝

選擇你的客戶端

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

開啟 Claude Desktop → Settings → Developer → Edit Config。儲存後重啟應用。

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

Cursor 使用與 Claude Desktop 相同的 mcpServers 格式。專案級設定優先於全域。

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

點擊 Cline 側欄中的 MCP Servers 圖示,然後選 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "jadx-ai-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  }
}

格式與 Claude Desktop 相同。重啟 Windsurf 生效。

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "jadx-ai-mcp",
      "command": "TODO",
      "args": [
        "See README: https://github.com/zinja-coder/jadx-ai-mcp"
      ]
    }
  ]
}

Continue 使用伺服器物件陣列,而非映射。

~/.config/zed/settings.json
{
  "context_servers": {
    "jadx-ai-mcp": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/zinja-coder/jadx-ai-mcp"
        ]
      }
    }
  }
}

加入 context_servers。Zed 儲存後熱重載。

claude mcp add jadx-ai-mcp -- TODO 'See README: https://github.com/zinja-coder/jadx-ai-mcp'

一行命令搞定。用 claude mcp list 驗證,claude mcp remove 移除。

使用場景

實戰用法: jadx-ai-mcp

How to analyze an Android APK with AI assistance using JADX

👤 Mobile security researchers analyzing APKs they have authorization to test ⏱ ~45 min intermediate

何時使用: You have an APK to analyze and want AI to help understand its behavior.

前置條件
  • JADX with jadx-ai-mcp plugin — jadx plugins --install 'github:zinja-coder:jadx-ai-mcp'
  • JADX MCP Server running — Set up the Python MCP server with uv
步驟
  1. Check the manifest
    Get the AndroidManifest.xml. What permissions does this app request and what components (activities, services, receivers) does it declare?✓ 已複製
    → Parsed manifest with permission analysis
  2. Find interesting classes
    Search for classes related to network communication or encryption. List them with their methods.✓ 已複製
    → Filtered class list with method signatures
  3. Analyze and rename
    Get the source code of the main network class. Rename obfuscated methods to descriptive names based on their behavior.✓ 已複製
    → Decompiled code with meaningful names applied

結果: An annotated view of the APK with key functionality understood and obfuscation partially reversed.

注意事項
  • Heavily obfuscated apps resist decompilation — Use get_smali_of_class for bytecode-level analysis when decompilation fails
搭配使用: filesystem

Debug an Android app with AI-assisted breakpoint analysis

👤 Android developers and security researchers debugging app behavior ⏱ ~30 min advanced

何時使用: You need to understand runtime behavior that isn't clear from static analysis.

前置條件
  • JADX configured for debugging — Connect JADX debugger to a running Android app or emulator
步驟
  1. Set breakpoints and inspect
    I'm debugging the login flow. Show me the current stack frames and local variables at the authentication method.✓ 已複製
    → Stack trace with variable values at the breakpoint

結果: Runtime understanding of app behavior at critical code points.

注意事項
  • App detects debugger and exits — Look for anti-debugging checks in the code and bypass them before attaching

組合

與其他 MCP 搭配,撬動十倍槓桿

jadx-ai-mcp + filesystem

Export decompiled and annotated code for documentation

Export the decompiled source of the authentication module and save it to ~/analysis/auth-module.java.✓ 已複製

工具

此 MCP 暴露的能力

工具輸入參數何時呼叫成本
fetch_current_class none Get the currently selected class source code 0
search_classes_by_keyword keyword: str Find classes matching a keyword 0
get_android_manifest none Retrieve the AndroidManifest.xml 0
rename_class old_name: str, new_name: str Rename an obfuscated class 0
xrefs_to_method class_name: str, method_name: str Find all references to a method 0
get_smali_of_class class_name: str Get Dalvik bytecode (smali) for a class 0
debug_get_stack_frames none Get current debugger stack frames 0

成本與限制

運行它的成本

API 配額
N/A — fully local
每次呼叫 Token 數
200–2000 tokens per tool call
費用
Free — both JADX and the plugin are open source
提示
Use search_classes_by_keyword to narrow targets before fetching full class sources.

安全

權限、密鑰、影響範圍

憑證儲存: N/A
資料出站: All analysis is local. No network calls from the MCP server.

故障排查

常見錯誤與修復

Plugin not loading in JADX

Ensure JADX version is compatible. Try reinstalling with: jadx plugins --install 'github:zinja-coder:jadx-ai-mcp'

驗證: jadx plugins --list
MCP server connection failed

Ensure the JADX MCP Server is running and the port matches your client config.

驗證: Check the server terminal for startup messages
Class not found in search

Obfuscated names may not match your search. Try broader patterns or search by method signatures.

驗證: get_all_classes to see available class names

替代方案

jadx-ai-mcp 對比其他方案

替代方案何時用它替代權衡
jadx-mcp-serverYou only need the MCP server component without the JADX pluginServer-only — still needs the jadx-ai-mcp plugin in JADX
GhidrAssistMCPYou want to analyze native binaries rather than Android Dalvik bytecodeNative binary focus vs Android-specific tools

更多

資源

📖 閱讀 GitHub 上的官方 README

🐙 查看未解決的 issue

🔍 瀏覽全部 400+ MCP 伺服器和 Skills