Skip to content
Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Branch: master
Clone or download

npm dependencies Docker Automated build



1. Installation

Follow installation guide :

Or use Docker (See docker guide):

docker pull frenchyeti/dexcalibur
docker run -it -v <workspace_path>:/home/dexcalibur/workspace -p 8080:8000 --device=<device_path> frenchyeti/dexcalibur
# ./dexcalibur --app=<target> --port=8000 [--pull]

2. Screenshots

Following screenshots illustrate the automatic update of xrefs at runtime.

Xref auto update

3. Getting started

The Dexcalibur GUI can be launch from the console by using the dexcalibur script.

The first time, connect the device to your computer, run the following command, and open your browser (localhost:<webapp_port>) :

./dexcalibur --app=<appname> --port=<webapp_port> --pull

If you have already scanned the app, just exec the following command (without --pull) and open your browser (localhost:<webapp_port>) :

./dexcalibur --app=<appname> --port=<webapp_port>

4. See more on the wiki :

You can’t perform that action at this time.