[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-77242":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":39,"readmeContent":40,"aiSummary":41,"trendingCount":16,"starSnapshotCount":16,"syncStatus":42,"lastSyncTime":43,"discoverSource":44},77242,"jadx-mcp-server","zinja-coder\u002Fjadx-mcp-server","zinja-coder","MCP server for JADX-AI Plugin",null,"https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-mcp-server","Python",660,108,4,1,0,14,23,65,42,10.11,false,"main",[25,26,27,28,29,30,31,32,33,34,35,36,37,38],"ai","application-security","mcp-server","python","reverse-engineering","vapt","android-hacking","android-reverse-engineering","llm","mcp","mcp-servers","mobile-security","model-context-protocol","model-context-protocol-server","2026-06-12 02:03:42","\u003Cdiv align=\"center\">\n\n# JADX-MCP-SERVER (Part of Zin's Reverse Engineering MCP Suite)\n\n⚡ Fully automated MCP server built to communicate with JADX-AI-MCP Plugin to analyze Android APKs using LLMs like Claude — uncover vulnerabilities, parse manifests, and reverse engineer effortlessly.\n\n![GitHub contributors JADX-AI-MCP](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002Fzinja-coder\u002Fjadx-ai-mcp)\n![GitHub contributors JADX-MCP-SERVER](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002Fzinja-coder\u002Fjadx-mcp-server)\n![GitHub all releases](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Fzinja-coder\u002Fjadx-ai-mcp\u002Ftotal)\n![GitHub release (latest by SemVer)](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fdownloads\u002Fzinja-coder\u002Fjadx-ai-mcp\u002Flatest\u002Ftotal)\n![Latest release](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frelease\u002Fzinja-coder\u002Fjadx-ai-mcp.svg)\n![Java 11+](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FJava-11%2B-blue)\n![Python 3.10+](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3%2E10%2B-blue)\n[![License](http:\u002F\u002Fimg.shields.io\u002F:license-apache-blue.svg)](http:\u002F\u002Fwww.apache.org\u002Flicenses\u002FLICENSE-2.0.html)\n\n#### ⭐ Contributors\n\nThanks to these wonderful people for their contributions ⭐\n\u003Ctable>\n \u003Ctr align=\"center\">\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fljt270864457\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F8609890?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>ljt270864457\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbadmonkey7\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F41368882?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>badmonkey7\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fp0px\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F161268024?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>p0px\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fbx33661\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F138348615?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>bx33661\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FHaicaji\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F132796021?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>Haicaji\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FChineseAStar\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F24355243?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>ChineseAStar\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fcyal1r\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F33282478?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>cyal1\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftiann\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F4233744?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>tainn\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FZERO-A-ONE\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F18625356?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>ZERO-A-ONE\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fneoz\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F360582?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>neoz\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FSamadiPour\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F24422125?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>SamadiPour\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fwuseluosi\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F192840340?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>wuseluosi\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FCainYzb\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F50669073?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>CainYzb\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftbodt\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F5678977?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>tbodt\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FLilNick0101\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F100995805?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>LikNick0101\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003Ctd>\n \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flwsinclair\">\n \u003Cimg src=\"https:\u002F\u002Favatars.githubusercontent.com\u002Fu\u002F2829939?v=4\" width=\"30px;\" alt=\"\"\u002F>\n \u003Cbr \u002F>\u003Csub>\u003Cb>lwsinclair\u003C\u002Fb>\u003C\u002Fsub>\n \u003C\u002Fa>\n \u003C\u002Ftd>\n \u003C\u002Ftr>\n\u003C\u002Ftable>\n\n\u003C\u002Fdiv>\n\u003C!-- Still in early stage of development — expect bugs, crashes, and logical errors.-->\n\n\u003C!-- MCP (Model Context Protocol) server that connects to a custom plugin of [JADX](https:\u002F\u002Fgithub.com\u002Fskylot\u002Fjadx) called [JADX-AI-MCP](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp) and provides reverse engineering capabilities directly to local LLMs like Claude Desktop.-->\n\n\u003Cdiv align=\"center\">\n \u003Cimg alt=\"banner\" height=\"480px\" widht=\"620px\" src=\"static\u002Fimage.png\">\n\u003C\u002Fdiv>\n\n#### ReadTheDocs:\n - We are now live at Read The Docs: \n\n--- \n\n#### Download now: https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp\u002Freleases\n\n---\n\n## 🤖 What is JADX-MCP-SERVER?\n\n**JADX MCP Server** is a standalone Python server that interacts with a modified version of `jadx-gui` (see: [jadx-ai-mcp](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp)) via MCP (Model Context Protocol). It lets LLMs communicate with the decompiled Android app context live.\n\n\n## 🤖 What is JADX-AI-MCP?\n\n**JADX-AI-MCP** is a plugin for the [JADX decompiler](https:\u002F\u002Fgithub.com\u002Fskylot\u002Fjadx) that integrates directly with [Model Context Protocol (MCP)](https:\u002F\u002Fgithub.com\u002Fanthropic\u002Fmcp) to provide **live reverse engineering support with LLMs like Claude**.\n\nThink: \"Decompile → Context-Aware Code Review → AI Recommendations\" — all in real time.\n\n#### High Level Sequence Diagram \n\n```mermaid\nsequenceDiagram\nLLM CLIENT->>JADX MCP SERVER: INVOKE MCP TOOL\nJADX MCP SERVER->>JADX AI MCP PLUGIN: INVOKE HTTP REQUEST\nJADX AI MCP PLUGIN->>REQUEST HANDLERS: INVOKE HTTP REQUEST HANDLER\nREQUEST HANDLERS->>JADX GUI: PERFORM ACTION\u002FGATHER DATA\nJADX GUI->>REQUEST HANDLERS: ACTION PERFORMED\u002FDATA GATHERED\nREQUEST HANDLERS->>JADX AI MCP PLUGIN: CRAFT HTTP RESPONSE\nJADX AI MCP PLUGIN->>JADX MCP SERVER:HTTP RESPONSE\nJADX MCP SERVER->>LLM CLIENT: MCP TOOL RESULT\n```\n\nWatch the demos!\n\n- **Perform quick analysis**\n \nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fb65c3041-fde3-4803-8d99-45ca77dbe30a\n\n- **Quickly find vulnerabilities**\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fc184afae-3713-4bc0-a1d0-546c1f4eb57f\n\n- **Multiple AI Agents Support**\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F6342ea0f-fa8f-44e6-9b3a-4ceb8919a5b0\n\n- **Analyze The APK Resources**\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Ff42d8072-0e3e-4f03-93ea-121af4e66eb1\n\n- **Your AI Assistant during debugging of APK using JADX**\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F2b0bd9b1-95c1-4f32-9b0c-38b864dd6aec\n\nIt is combination of two tools:\n1. [JADX-AI-MCP](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp)\n2. JADX MCP SERVER\n\n---\n\n# Zin MCP Suite\n - **[APKTool-MCP-Server](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fapktool-mcp-server)**\n - **[JAD-AI-MCP-Plugin](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp)**\n - **[ZIN-MCP-Client](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fzin-mcp-client)**\n\n## Current MCP Tools\n\nThe following MCP tools are available:\n\n- `fetch_current_class()` — Get the class name and full source of selected class\n- `get_selected_text()` — Get currently selected text\n- `get_all_classes()` — List all classes in the project\n- `get_class_source()` — Get full source of a given class\n- `get_method_by_name()` — Fetch a method’s source\n- `search_method_by_name()` — Search method across classes\n- `search_classes_by_keyword()` — Search for classes whose source code contains a specific keyword (supports pagination)\n- `get_methods_of_class()` — List methods in a class\n- `get_fields_of_class()` — List fields in a class\n- `get_smali_of_class()` — Fetch smali of class\n- `get_main_activity_class()` — Fetch main activity from jadx mentioned in AndroidManifest.xml file. \n- `get_main_application_classes_code()` — Fetch all the main application classes' code based on the package name defined in the AndroidManifest.xml.\n- `get_main_application_classes_names()` — Fetch all the main application classes' names based on the package name defined in the AndroidManifest.xml.\n- `get_android_manifest()` — Retrieve and return the AndroidManifest.xml content.\n- `get_manifest_component` - Retrieve specific manifest component instead of whole manifest file\n- `get_strings()` : Fetches the strings.xml file\n- `get_all_resource_file_names()` : Retrieve all resource files names that exists in application\n- `get_resource_file()` : Retrieve resource file content\n- `rename_variable()` : Renames the variable within a method\n- `debug_get_stack_frames()` : Get the stack frames from jadx debugger\n- `debug_get_threads()` : Get the insights of threads from jadx debugger\n- `debug_get_variables()` : Get the variables from jadx debugger\n- `xrefs_to_class()` : Find all references to a class (returns method-level and class-level references, supports pagination)\n- `xrefs_to_method()` : Find all references to a method (includes override-related methods, supports pagination)\n- `xrefs_to_field()` : Find all references to a field (returns methods that access the field, supports pagination)\n---\n\n#### Note: Tested on Claude Desktop. Support for other LLMs might be tested in future.\n\n## 🗒️ Sample Prompts\n\n🔍 Basic Code Understanding\n\n \"Explain what this class does in one paragraph.\"\n\n \"Summarize the responsibilities of this method.\"\n\n \"Is there any obfuscation in this class?\"\n\n \"List all Android permissions this class might require.\"\n\n🛡️ Vulnerability Detection\n\n \"Are there any insecure API usages in this method?\"\n\n \"Check this class for hardcoded secrets or credentials.\"\n\n \"Does this method sanitize user input before using it?\"\n\n \"What security vulnerabilities might be introduced by this code?\"\n\n🛠️ Reverse Engineering Helpers\n\n \"Deobfuscate and rename the classes and methods to something readable.\"\n\n \"Can you infer the original purpose of this smali method?\"\n\n \"What libraries or SDKs does this class appear to be part of?\"\n\n📦 Static Analysis\n\n \"List all network-related API calls in this class.\"\n\n \"Identify file I\u002FO operations and their potential risks.\"\n\n \"Does this method leak device info or PII?\"\n\n🤖 AI Code Modification\n\n \"Refactor this method to improve readability.\"\n\n \"Add comments to this code explaining each step.\"\n\n \"Rewrite this Java method in Python for analysis.\"\n\n📄 Documentation & Metadata\n\n \"Generate Javadoc-style comments for all methods.\"\n\n \"What package or app component does this class likely belong to?\"\n\n \"Can you identify the Android component type (Activity, Service, etc.)?\"\n\n🐞 Debugger Assistant\n```\n \"Fetch stack frames, varirables and threads from debugger and provide summary\"\n\n \"Based the stack frames from debugger, explain the execution flow of the application\"\n\n \"Based on the state of variables, is there security threat?\"\n```\n\n\n---\n\n## 🛠️ Getting Started\n\n[READ HERE](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp?tab=readme-ov-file#%EF%B8%8F-getting-started)\n\nDemo: **Perform Code Review to Find Vulnerabilities locally**\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F4cd26715-b5e6-4b4b-95e4-054de6789f42\n\n### Advanced CLI Options — Understanding the Flags\n\nThere are **two separate connections** and each has its own host\u002Fport:\n\n```\n┌─────────────┐ --host \u002F --port ┌──────────────────┐ --jadx-host \u002F --jadx-port ┌──────────────────┐\n│ LLM Client │ ◄──────────────────► │ jadx-mcp-server │ ──────────────────────────► │ JADX-GUI Plugin │\n│ (Claude, │ Where the MCP server │ │ Where the MCP server looks │ (jadx-ai-mcp) │\n│ Codex..) │ LISTENS for clients │ │ for the JADX plugin │ │\n└─────────────┘ └──────────────────┘ └──────────────────┘\n```\n\n| Flag | Default | Controls |\n|------|---------|----------|\n| `--http` | off | Use HTTP transport instead of stdio |\n| `--host` | `127.0.0.1` | **Where the MCP server listens** (bind address for LLM clients) |\n| `--port` | `8651` | **Which port the MCP server listens on** |\n| `--jadx-host` | `127.0.0.1` | **Where to find the JADX plugin** (the target JADX-GUI machine) |\n| `--jadx-port` | `8650` | **Which port the JADX plugin is on** |\n\n### Usage Examples\n\n**Scenario 1 — Everything on the same machine (most common):**\n```bash\n# Default: MCP server on localhost:8651, connects to JADX plugin on localhost:8650\nuv run jadx_mcp_server.py --http\n```\n\n**Scenario 2 — Docker container or WSL (MCP server accessible from host network):**\n```bash\n# MCP server listens on ALL interfaces so the host can reach it\n# JADX plugin is still on the same machine\nuv run jadx_mcp_server.py --http --host 0.0.0.0\n```\n\n**Scenario 3 — JADX-GUI running on a different machine (e.g., remote VM):**\n```bash\n# MCP server runs locally, but connects to JADX plugin on a remote machine\nuv run jadx_mcp_server.py --http --jadx-host 192.168.1.100\n```\n\n**Scenario 4 — Full remote setup (everything on different machines):**\n```bash\n# MCP server listens on all interfaces on port 9999\n# JADX plugin is on a different machine at 192.168.1.100:8652\nuv run jadx_mcp_server.py --http --host 0.0.0.0 --port 9999 --jadx-host 192.168.1.100 --jadx-port 8652\n```\n\n> [!CAUTION]\n> ### ⚠️ Security Warning — Remote Binding\n>\n> When using `--host 0.0.0.0` (or any non-localhost address), the MCP server binds to **all network interfaces** over **plain HTTP with no authentication**. This means:\n>\n> - **Anyone on the network** can connect and invoke all MCP tools\n> - There is **no TLS encryption** — traffic can be intercepted\n> - An attacker can use the server to **read decompiled code**, **rename classes\u002Fmethods**, and **access debug info**\n>\n> **Mitigations:**\n> - Only bind to `0.0.0.0` on **trusted, isolated networks** (e.g., Docker bridge, local VM)\n> - Use a **firewall** to restrict access to the MCP port\n> - Consider an **SSH tunnel** instead: `ssh -L 8651:127.0.0.1:8651 remote-host`\n>\n> Similarly, `--jadx-host` with a non-localhost address means the MCP server will make **unauthenticated HTTP requests** to that host. Ensure the target is trusted.\n\n\n## 🛣️ Future Roadmap\n\n- [x] Add Support for apktool\n\n - [ ] Add support for hermes code (ReactNative Application)\n\n - [ ] Add docker support\n\n - [x] Add more useful MCP Tools\n\n - [x] Make LLM be able to modify code on JADX\n\n - [x] Add prompts templates, give llm access to Android APK Files as Resources\n\n - [ ] ~~Build MCP Client to support Local LLM~~\n\n - [ ] **END-GOAL** : Make all android reverse engineering and APK modification tools Connect with single MCP server to make reverse engineering apk files as easy as possible purely from vibes.\n\n## NOTE For Contributors\n\n - The files related to JADX-AI-MCP can be found [here](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-ai-mcp)\n\n - The files related to **jadx-mcp-server** can be found in this repository only.\n\n## 🙏 Credits\n\nThis project is a plugin for JADX, an amazing open-source Android decompiler created and maintained by [@skylot](https:\u002F\u002Fgithub.com\u002Fskylot). All core decompilation logic belongs to them. I have only extended it to support my MCP server with AI capabilities.\n\n[📎 Original README (JADX)](https:\u002F\u002Fgithub.com\u002Fskylot\u002Fjadx)\n\nThe original README.md from jadx is included here in this repository for reference and credit.\n\nThis MCP server is made possible by the extensibility of JADX-GUI and the amazing Android reverse engineering community.\n\nAlso huge thanks to [@aaddrick](https:\u002F\u002Fgithub.com\u002Faaddrick) for developing Claude desktop for Debian based linux.\n\nAnd in last thanks to [@anthropics](https:\u002F\u002Fgithub.com\u002Fanthropics) for developing the Model Context Protocol and [@FastMCP](https:\u002F\u002Fgithub.com\u002Fmodelcontextprotocol\u002Fpython-sdk) team\n\nAnd all open source maintainers and contributors that makes libraries and dependencies which allows project like this possible.\n\n## Audited and Received Assessment Badge\n\n[![MseeP.ai Security Assessment Badge](https:\u002F\u002Fmseep.net\u002Fpr\u002Fzinja-coder-jadx-mcp-server-badge.png)](https:\u002F\u002Fmseep.ai\u002Fapp\u002Fzinja-coder-jadx-mcp-server)\n\nThank you Mseep.net for auditing and providing Assessment Badge.\n\n### Dependencies\n\nThis project uses following awesome libraries.\n\n- Plugin - Java\n - Javalin - https:\u002F\u002Fjavalin.io\u002F - Apache 2.0 License\n - SLF4J - https:\u002F\u002Fslf4j.org\u002F - MIT License\n - org.w3c.dom - https:\u002F\u002Fmvnrepository.com\u002Fartifact\u002Forg.w3c.dom - W3C Software and Document License\n\n- MCP Server - Python\n - FastMCP - https:\u002F\u002Fgithub.com\u002Fjlowin\u002Ffastmcp - Apache 2.0 License\n - httpx - https:\u002F\u002Fwww.python-httpx.org - BSD-3-Clause (“BSD licensed”) \n\n## 📄 License\n\nThis plugin inherits the Apache 2.0 License from the original JADX repository.\n\n## ⚖️ Legal Warning\n\n**Disclaimer**\n\nThe tools `jadx-ai-mcp` and `jadx_mcp_server` are intended strictly for educational, research, and ethical security assessment purposes. They are provided \"as-is\" without any warranties, expressed or implied. Users are solely responsible for ensuring that their use of these tools complies with all applicable laws, regulations, and ethical guidelines.\n\nBy using `jadx-ai-mcp` or `jadx_mcp_server`, you agree to use them only in environments you are authorized to test, such as applications you own or have explicit permission to analyze. Any misuse of these tools for unauthorized reverse engineering, infringement of intellectual property rights, or malicious activity is strictly prohibited.\n\nThe developers of `jadx-ai-mcp` and `jadx_mcp_server` shall not be held liable for any damage, data loss, legal consequences, or other consequences resulting from the use or misuse of these tools. Users assume full responsibility for their actions and any impact caused by their usage.\n\nUse responsibly. Respect intellectual property. Follow ethical hacking practices.\n\n---\n\n## 🙌 Contribute or Support\n\n- Found it useful? Give it a ⭐️\n- Got ideas? Open an [issue](https:\u002F\u002Fgithub.com\u002Fzinja-coder\u002Fjadx-mcp-server\u002Fissues) or submit a PR\n- Built something on top? DM me or mention me — I’ll add it to the README!\n\n---\n\nBuilt with ❤️ for the reverse engineering and AI communities.\n","JADX-MCP-SERVER 是一个用于与JADX-AI-MCP插件通信的MCP服务器,旨在通过像Claude这样的大语言模型来分析Android APK文件。其核心功能包括自动化的漏洞检测、Manifest解析以及逆向工程辅助。技术上,该项目使用Python编写,并且支持Java 11以上的环境运行。适用于需要对Android应用进行安全评估或深入理解内部结构的专业人士,如安全研究人员、开发者和逆向工程师等。",2,"2026-06-11 03:55:13","trending"]