Here is a new real debugger for Android apps
Using native JVMTI, it can pause any Java method, step through DEX bytecode, inspect locals, search the live heap, force returns, or NOP out bytecode functions.
It also includes function trace recording (similar to frida-trace, with additional security API coverage) and an AI mode (still a work in progress).
dexbgd - DEX Debugger
A native Android DEX debugger with bytecode-level stepping, live variable inspection, and runtime manipulation for reverse engineering, CTFs, and security analysis
A real debugger for Android apps. Not a hooking framework, not JDWP - a native JVMTI debugger that lets you pause any Java method, step through Dalvik bytecode one instruction at a time, inspect every local variable and register, search the live heap, and force methods to return whatever you want.
Built for CTF, malware analysis and reverse engineering. Thin C++ agent inside the app, Rust TUI on the host.
How It Differs from Frida?
Frida replaces functions with JavaScript hooks. dexbgd pauses execution and lets you look around. Different tools for different problems.
NOTE: JVMTI requires android:debuggable="true", which production apps omit.
You can add android:debuggable="true" to AndroidManifest.xml after decompiling with apktool
or
use APK Toolkit (Windows GUI) to decompile, add the debuggable flag, and then recompile.
GitHub - arkup/dexbgd: A native Android DEX debugger with bytecode-level stepping, live variable inspection, and runtime manipulation for reverse engineering, CTFs, and security analysis
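A release-side check for the flag mentioned in the note above, as an added example that is not part of the original post or of the dexbgd project: it reads a text AndroidManifest.xml (the form apktool decodes to, not the binary AXML inside the APK) and reports whether the application is marked debuggable. The function names and the sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Attributes prefixed "android:" live in this XML namespace.
ANDROID_NS = "http://schemas.android.com/apk/res/android"
DEBUGGABLE = "{%s}debuggable" % ANDROID_NS


def debuggable_state(manifest_xml: str) -> str:
    """Classify a decoded manifest (hypothetical helper, not a dexbgd API).

    Returns 'debuggable', 'not-debuggable', 'unresolved' (the value is a
    resource reference such as @bool/x that must be looked up separately)
    or 'no-application' (the manifest has no <application> element).
    """
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    if app is None:
        return "no-application"
    value = app.get(DEBUGGABLE)
    if value is None:
        return "not-debuggable"  # absent attribute: platform default is false
    value = value.strip().lower()
    if value.startswith("@"):
        return "unresolved"
    return "debuggable" if value == "true" else "not-debuggable"


def release_gate(manifest_xml: str) -> bool:
    """True only when the build is positively known not to be debuggable."""
    return debuggable_state(manifest_xml) == "not-debuggable"


# Constructed sample manifests (package names are placeholders).
HEAD = ('<manifest xmlns:android="%s" package="com.example.app">'
        % ANDROID_NS)
RELEASE = HEAD + '<application android:label="App"/></manifest>'
REPACKAGED = (HEAD + '<application android:label="App" '
              'android:debuggable="true"/></manifest>')
BY_RESOURCE = (HEAD + '<application android:debuggable="@bool/dbg"/>'
               '</manifest>')

if __name__ == "__main__":
    samples = [("release", RELEASE), ("repackaged", REPACKAGED),
               ("by-resource", BY_RESOURCE)]
    for name, xml_text in samples:
        print(name, debuggable_state(xml_text), release_gate(xml_text))
```

The same check, run on a manifest decoded from an APK collected in the field and compared with the one you shipped, indicates whether the package was rebuilt with the flag turned on.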
