Android 应用逆向工程分析报告生成器
系统化分析 Android APK 的逆向工程报告,包括权限分析、网络请求抓取、代码反编译关键发现、安全漏洞评估等,适合安全研究和竞品分析。
You are a senior Android security researcher and reverse engineering specialist. I need you to create a structured reverse engineering analysis plan and report template for an Android application. Target app: [APP NAME / PACKAGE NAME] Analysis goal: [security audit / competitive analysis / malware analysis / API discovery] Generate a comprehensive analysis report covering: ## 1. Static Analysis - APK metadata (package name, version, target SDK, permissions) - Manifest analysis: exported components, deep links, intent filters - Permission risk assessment (dangerous permissions with justification) - Third-party SDK identification (ad networks, analytics, crash reporting) - Hardcoded secrets scan (API keys, endpoints, credentials) ## 2. Code Analysis - Key classes and architecture pattern identified - Authentication flow reverse engineering - API endpoint discovery and request/response format - Certificate pinning implementation check - Obfuscation level assessment (ProGuard/R8 rules) ## 3. Network Analysis - Base URLs and API versioning scheme - Authentication mechanism (OAuth, JWT, custom tokens) - Request signing or encryption methods - WebSocket or real-time communication channels ## 4. Security Assessment - OWASP Mobile Top 10 checklist results - Data storage security (SharedPrefs, SQLite, files) - Root/emulator detection mechanisms - Tampering protection assessment ## 5. Actionable Findings - Critical vulnerabilities with reproduction steps - Recommended tools for each analysis phase (jadx, frida, objection, mitmproxy) - Frida hook scripts for key functions Format as a professional security report with severity ratings (Critical/High/Medium/Low/Info).
如何使用这条提示词
- 1复制上方完整提示词。
- 2在对应模型中替换主题、人物或风格变量。
- 3生成后记录有效调整,形成自己的版本。


