Rev Dex Dumper
Dump in-memory DEX from a running Android app so you can unpack packed APKs and analyze decrypted bytecode offline.
Install
npx skills add https://github.com/p4nda0s/reverse-skills --skill rev-dex-dumperWhat is this skill?
- Five-step ADB workflow: push panda-dex-dumper, resolve package/PID, dump, pull from /data/local/tmp/panda/, then clean d
- Bundled panda-dex-dumper binary resolved relative to SKILL.md under skills/rev-dex-dumper/
- Foreground package discovery via dumpsys activity top when the user does not supply a package name
- Targets defeat of class-loading packing and in-memory-only DEX
- Explicit guideline to verify ADB connection before running the dump
Adoption & trust: 633 installs on skills.sh; 1.3k GitHub stars; 1/3 security scanners passed (skills.sh audits).
Recommended Skills
Azure Compliancemicrosoft/azure-skills
Openclaw Secure Linux Cloudxixu-me/skills
Entra Agent Idmicrosoft/azure-skills
Firebase Security Rules Auditorfirebase/agent-skills
Firestore Security Rules Auditorfirebase/agent-skills
Skill Vetteruseai-pro/openclaw-skills-security
Journey fit
Unpacking and memory dumping are pre-release or post-ship security and malware-analysis tasks—canonical shelf is hardening and offensive/defensive app review, not greenfield UI build. Subphase security covers APK unpacking, class-loader packers, and extracting decrypted DEX for static analysis.
Common Questions / FAQ
Is Rev Dex Dumper safe to install?
skills.sh reports 1 of 3 security scanners passed. Review the Security Audits panel on this page before installing in production.
SKILL.md
READMESKILL.md - Rev Dex Dumper
# rev-dex-dumper - Android DEX Dumper Dump DEX files from a running Android application's memory using `panda-dex-dumper` via ADB. --- ## Tool Location The `panda-dex-dumper` binary is bundled in this skill's directory. Resolve its absolute path relative to this SKILL.md file: ``` skills/rev-dex-dumper/panda-dex-dumper ``` --- ## Workflow ### 1. Push the tool to device ```bash adb push <path-to>/panda-dex-dumper /data/local/tmp/ adb shell chmod +x /data/local/tmp/panda-dex-dumper ``` ### 2. Determine target package name If the user provides a package name, use it directly. Otherwise, get the foreground app: ```bash adb shell dumpsys activity top | grep 'ACTIVITY' | tail -1 | awk '{print $2}' | cut -d/ -f1 ``` ### 3. Run the dumper ```bash adb shell "cd /data/local/tmp && ./panda-dex-dumper -p $(adb shell pidof <package_name>)" ``` The dumped DEX files are saved to `/data/local/tmp/panda/` on the device. ### 4. Pull DEX files to host ```bash adb pull /data/local/tmp/panda/ ./ ``` Pull to the user's current working directory. ### 5. Clean up device cache ```bash adb shell rm -rf /data/local/tmp/panda/ adb shell rm /data/local/tmp/panda-dex-dumper ``` --- ## Guidelines 1. **Always verify ADB connection first** — run `adb devices` and confirm a device is listed before proceeding. 2. **Root may be required** — `panda-dex-dumper` uses `ptrace` to attach to the target process. If the device is not rooted, the dump will fail. Suggest `adb root` or running via `su` if needed. 3. **Wait for app to fully load** — if the user is dumping a packed app, the real DEX is only available after the packer's class loader has decrypted it. Advise the user to navigate past the splash screen before dumping. 4. **Handle pidof failure** — if `pidof` returns empty, the app may not be running. Launch it first with `adb shell monkey -p <package_name> -c android.intent.category.LAUNCHER 1`. 5. **Multiple DEX files are normal** — packed apps often produce several DEX files. All files in `/data/local/tmp/panda/` should be pulled. 6. **Always clean up** — remove both the dumped DEX files and the tool binary from the device after pulling results to avoid leaving artifacts.