
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in testing mobile applications against the OWASP mobile security threats. Its objective is to make this task easier and friendlier to mobile application developers and security professionals.
MARA is developed and maintained by @xtian_kisutsa and @iamckn. It is in its very early stages of development and there is a lot more to come, in line with our roadmap. Any contributions and suggestions to the tool will be highly appreciated.
Features supported
APK Reverse Engineering
- Disassembling Dalvik bytecode to smali bytecode via baksmali and apktool
- Disassembling Dalvik bytecode to java bytecode via enjarify
- Decompiling APK to Java source code via jadx
APK Deobfuscation
- APK deobfuscation via [apk-deguard.com] (http://www.apk-deguard.com/)
APK Analysis
- Parsing smali files for analysis via smalisca
- Dump apk assets, libraries, and resources
- Extracting certificate data via openssl
- Extract strings and app permissions via aapt
- Identify methods and classes via ClassyShark
- Scan for apk vulnerabilities via androbugs
- Analyze apk for potentially malicious behavior via androwarn
- Identify compilers, packers, and obfuscators via APKiD
- Extract execution paths, IP addresses, URL, URI, emails via regex
APK Manifest Analysis
- Extract Intents
- Extract exported activities
- Extract receivers
- Extract exported receivers
- Extract Services
- Extract exported services
- Check if apk is debuggable
- Check if apk allows backups
- Check if apk allows sending of secret codes
- Check if apk can receive binary SMS
Domain Analysis
Security Analysis
- Source code static analysis based on OWASP Top Mobile Top 10 and the OWASP Mobile Apps Checklist
- MARA is capable of performing either single or mass analysis of apk, dex or jar files.
Additional information about the framework, prerequisites and the installation guide is available on the wiki
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky