{"id":10586,"date":"2020-05-18T14:44:46","date_gmt":"2020-05-18T09:14:46","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=10586"},"modified":"2020-05-18T14:44:46","modified_gmt":"2020-05-18T09:14:46","slug":"threadtear","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/threadtear\/","title":{"rendered":"Threadtear : Multifunctional Java Seobfuscation Tool Suite"},"content":{"rendered":"\n

Threadtear <\/strong>is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter). Suitable for easier code analysis without worrying too much about obfuscation. <\/p>\n\n\n\n

Even the most expensive obfuscators like ZKM or Stringer are included. For easier debugging there are also other tools included. Insert debug line numbers to better understand where exceptions originate, or add .printStackTrace() to try catch blocks without re-compiling your code. Reverse compatibility is not a problem anymore, if no version specific methods are used.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n
\"\"\/<\/figure>\n\n\n\n
\"\"\/<\/figure>\n\n\n\n
\"\"\/<\/figure>\n\n\n\n
\"\"\/<\/figure>\n\n\n\n

Executions<\/strong><\/p>\n\n\n\n

An “execution” is a task that is executed and modifies all loaded class files. There are multiple types of executions, varying from bytecode cleanup to string deobfuscation. Make sure to have them in the right order. Cleanup executions for example should be executed at last, but also can help other executions if executed first. If you are ready, click on the “Run” button and they will be executed in order.<\/p>\n\n\n\n

Warning<\/strong><\/p>\n\n\n\n

Use this tool at your own risk. Some executions use implemented ClassLoaders to run code from the jar file. An attacker could tweak the bytecode so that malicious code could be executed. Affected executions use the class me.nov.threadtear.asm.vm.VM<\/strong><\/code>. These are mostly used for decrypting string or resource \/ access obfuscation, as it is much easier to execute the decryption methods remotely.<\/p>\n\n\n\n

Security<\/strong><\/p>\n\n\n\n

Threadtear tries its best to protect you from malicious calls (arbitrary code executions) using its own SecurityManager<\/strong><\/code>, but there is no guarantee. Especially with deobfuscators like for ZKM or Stringer you have to be very careful, as reflection has to be allowed, otherwise they would not function. If you discover an ACE, please open an issue. I will try to fix them as soon as possible.<\/p>\n\n\n\n

How to compile?<\/strong><\/p>\n\n\n\n

First, run gradle build<\/strong><\/code>, then gradle fatJar<\/strong><\/code>. In builds\/libs<\/strong><\/code> a runnable jar file should then have been created. If you don’t want to download the repo, you can use the latest release.<\/p>\n\n\n\n

Tips & Tricks<\/strong><\/p>\n\n\n\n

There are some tricks that can help you identify and deobfuscate jar files successfully. Before running executions, decompile the code to find out what needs to be used. You can use the implemented decompiler for that.<\/p>\n\n\n\n

Deobfuscation Order<\/strong><\/p>\n\n\n\n

The best order for deobfuscation is generic executions > access deobfuscation > string deobfuscation > cleaning executions<\/strong><\/code>.<\/p>\n\n\n\n

Identification<\/strong><\/p>\n\n\n\n

Obfuscators exhibit patterns which you can use to identify obfuscators. The easiest way to identify an obfuscator is to skim the META-INF\/MANIFEST.MF<\/strong><\/code> file. It’s possible that there is an Obfuscated-By: XXX<\/code> or Protected-By: XXX<\/code><\/strong> attribute.<\/p>\n\n\n\n

ZKM<\/strong><\/p>\n\n\n\n

Extremely (flow-) obfuscated code, often noticeable by a string decryption method in the static initializer containing switches, or string decryption methods with a very long switch block (about 250 cases). ZKM is one of the best (and oldest) obfuscators for<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

java, and also very expensive.<\/p>\n\n\n\n

Stringer<\/strong><\/p>\n\n\n\n

If your jar file contains some special classes with huge decryption algorithms that are used by string obfuscation and access obfuscation, it’s probably Stringer. If your file was obfuscated with multiple obfuscators, and Stringer is one of them, you should begin your deobfuscation with Stringer, as Stringer obfuscation cannot be overwritten. (Due to custom JAR signature and usage of method names during string decryption) The protection is not bad and Stringer is one of the most expensive obfuscators. Unlike normal obfuscators it does not come with name obfuscation. It is rather used as “second layer”. Probably 90% of people that use this obfuscator are using a crack.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

Allatori<\/strong><\/p>\n\n\n\n

Class names like IiIlIlIiIl or aUx, cOn, PrX indicate Allatori obfuscation. Allatori is very common, because it offers a free demo that accessible within a few clicks. The obfuscation is not that hard to reverse.<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

Other Obfuscators<\/strong><\/p>\n\n\n\n

For other obfuscators you can try generic executions or open an issue and I’ll see what i can do.<\/p>\n\n\n\n

Description & Tags<\/strong><\/p>\n\n\n\n

Before selecting an execution, check out the tool-tip texts while hovering. They contain a small description about what they do, but also tags that help you understand how the behavior of your JAR file is changed.<\/p>\n\n\n\n

License<\/strong><\/p>\n\n\n\n

Threadtear is licensed under the GNU General Public License 3.0<\/p>\n\n\n\n

Notice<\/strong><\/p>\n\n\n\n

Do NOT deobfuscate files that don’t belong to you. Please open an issue or send me an email if a transformer doesn’t work properly and attach the log.
Note that output files are most likely not runnable. If you still want to try to run them use -noverify<\/code> as JVM argument! This tool is intended for Java 8 but it will probably run on higher versions too.<\/p>\n\n\n\n

\n
Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter). Suitable for easier code analysis without worrying too much about obfuscation. Even the most expensive obfuscators like ZKM or Stringer are included. For easier debugging there are also other tools included. Insert debug […]<\/p>\n","protected":false},"author":4,"featured_media":16306,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","fifu_image_alt":"Threadtear : Multifunctional Java Seobfuscation Tool Suite","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[1722,3040,3356],"class_list":["post-10586","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-java","tag-seobfuscation","tag-threadtear"],"yoast_head":"\nThreadtear : Multifunctional Java Seobfuscation Tool Suite<\/title>\n<meta name=\"description\" content=\"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/threadtear\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Threadtear : Multifunctional Java Seobfuscation Tool Suite\" \/>\n<meta property=\"og:description\" content=\"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/threadtear\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-18T09:14:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Threadtear : Multifunctional Java Seobfuscation Tool Suite\",\"datePublished\":\"2020-05-18T09:14:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/\"},\"wordCount\":730,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\",\"keywords\":[\"Java\",\"Seobfuscation\",\"Threadtear\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/\",\"name\":\"Threadtear : Multifunctional Java Seobfuscation Tool Suite\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\",\"datePublished\":\"2020-05-18T09:14:46+00:00\",\"description\":\"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/threadtear\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Threadtear : Multifunctional Java Seobfuscation Tool Suite","description":"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/threadtear\/","og_locale":"en_US","og_type":"article","og_title":"Threadtear : Multifunctional Java Seobfuscation Tool Suite","og_description":"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).","og_url":"https:\/\/kalilinuxtutorials.com\/threadtear\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-05-18T09:14:46+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Threadtear : Multifunctional Java Seobfuscation Tool Suite","datePublished":"2020-05-18T09:14:46+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/"},"wordCount":730,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","keywords":["Java","Seobfuscation","Threadtear"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/","url":"https:\/\/kalilinuxtutorials.com\/threadtear\/","name":"Threadtear : Multifunctional Java Seobfuscation Tool Suite","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","datePublished":"2020-05-18T09:14:46+00:00","description":"Threadtear is a multifunctional deobfuscation tool for java. Android application support is coming soon (Currently working on a dalvik to java converter).","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/threadtear\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/threadtear\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-OmRL7uSlGJY\/Xr0wKqS08_I\/AAAAAAAAGV4\/AuR26p7MOhMHF-WaB2IUPCwlWeTN4JzVACLcBGAsYHQ\/s1600\/Threadtear-1%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":3781,"url":"https:\/\/kalilinuxtutorials.com\/recaf-java-bytecode-editor-2\/","url_meta":{"origin":10586,"position":0},"title":"Recaf : A Modern Java Bytecode Editor","author":"R K","date":"February 7, 2019","format":false,"excerpt":"Recaf is an easy to use modern Java bytecode editor based on Objectweb's ASM. No more hassling with the constant pool or stack-frames required.\u00a0 Also Read : IP Obfuscator \u2013 Simple Tool to Social Engineer and Bypass Firewall Requirements You can run Recaf with Java 8 or higher (Its recommended\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8901,"url":"https:\/\/kalilinuxtutorials.com\/gda-android-reversing-tool\/","url_meta":{"origin":10586,"position":1},"title":"GDA Android Reversing Tool","author":"R K","date":"February 10, 2020","format":false,"excerpt":"Here, a new Dalvik bytecode decompiler, GDA\uff08this project started in 2013 and released its first version 1.0 in 2015 at www.gda.wiki:9090) , is proposed and implemented in C++ to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent and very stable. It supports APK, DEX, ODEX, oat\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2540,"url":"https:\/\/kalilinuxtutorials.com\/java-stager-download-compile-execute\/","url_meta":{"origin":10586,"position":2},"title":"Java-Stager : A PoC To Download, Compile & Execute A Java File In Memory","author":"R K","date":"September 11, 2018","format":false,"excerpt":"A PoC Java-Stager which can download, compile, and execute a Java file in memory. The key parts of the talk for me are: Load a Stager onto victim (touches disk, but is a benign binary) Stager downloads raw code over HTTP (which stays in memory) Stager compiles raw code (also\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/04\/button_download.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":2893,"url":"https:\/\/kalilinuxtutorials.com\/jshell\/","url_meta":{"origin":10586,"position":3},"title":"JShell – Get a JavaScript shell with XSS","author":"R K","date":"October 4, 2018","format":false,"excerpt":"JShell get a JavaScript shell with XSS. The Java Shell tool is an interactive tool for learning the Java programming language and prototyping Java code. JShell Usages Run shell.py and it will automatically try to detect your IP address, default LPORT is 33. As you can see the payload has\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/10\/JShell1.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/10\/JShell1.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/10\/JShell1.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/10\/JShell1.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/10\/JShell1.png?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":10634,"url":"https:\/\/kalilinuxtutorials.com\/sharingan\/","url_meta":{"origin":10586,"position":4},"title":"Sharingan : Offensive Security Recon Tool","author":"R K","date":"May 26, 2020","format":false,"excerpt":"Sharingan is a recon multitool for offensive security \/ bug bounty. This is very much a work in progress and I'm relatively new to offensive security in general so if you see something that can be improved please open an issue or PR with suggested changes. Cloning for development Outside\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":17564,"url":"https:\/\/kalilinuxtutorials.com\/how-to-improve-your-remote-debugging-game-for-java\/","url_meta":{"origin":10586,"position":5},"title":"How to Improve your Remote Debugging Game for Java","author":"Linumonk","date":"August 20, 2021","format":false,"excerpt":"Introduction Debugging is a significant part of programming. It contributes to improving the program output, locating code errors, finding the root cause of errors, etc. Creating an excellent debugging approach requires experience: it enables a developer to adopt a logical, rational, and analytical approach to solving the problem.\u00a0 The latest\u2026","rel":"","context":"In "Blog"","block_context":{"text":"Blog","link":"https:\/\/kalilinuxtutorials.com\/category\/blog\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gwJXiYPaF9U\/YSfUSsk_2JI\/AAAAAAAAOnU\/hKnqWNMoTOIHG4qsfDTy4ZeL6phm62r9gCLcBGAsYHQ\/s16000\/remote%2Bde.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gwJXiYPaF9U\/YSfUSsk_2JI\/AAAAAAAAOnU\/hKnqWNMoTOIHG4qsfDTy4ZeL6phm62r9gCLcBGAsYHQ\/s16000\/remote%2Bde.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gwJXiYPaF9U\/YSfUSsk_2JI\/AAAAAAAAOnU\/hKnqWNMoTOIHG4qsfDTy4ZeL6phm62r9gCLcBGAsYHQ\/s16000\/remote%2Bde.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gwJXiYPaF9U\/YSfUSsk_2JI\/AAAAAAAAOnU\/hKnqWNMoTOIHG4qsfDTy4ZeL6phm62r9gCLcBGAsYHQ\/s16000\/remote%2Bde.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-gwJXiYPaF9U\/YSfUSsk_2JI\/AAAAAAAAOnU\/hKnqWNMoTOIHG4qsfDTy4ZeL6phm62r9gCLcBGAsYHQ\/s16000\/remote%2Bde.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10586","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=10586"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10586\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16306"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=10586"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=10586"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=10586"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}