Getting Started Guide
How to Install and Use JADX
This guide covers installing JADX and using it to decompile Android APK files back to readable Java source code.
Prerequisites
- -Java 11+
- -An APK file to analyze
Install JADX
Download JADX from GitHub releases or install via package manager.
macOS
brew install jadxDownload
# Download latest from https://github.com/skylot/jadx/releases
# Extract and run bin/jadx-guiVerify CLI
jadx --versionOpen an APK in the GUI
Launch the GUI and load an APK file for visual exploration.
Launch GUI
jadx-guiThen
# File > Open > Select your .apk file
# Wait for decompilation
# Browse the source tree on the leftNote: JADX decompiles DEX bytecode back to Java source. The output isn't perfect but it's usually very readable. You can also open .dex, .jar, and .class files.
Command-Line Decompilation
Decompile an APK to a directory of Java source files from the command line.
Decompile to directory
jadx -d output/ target.apkWith resource decoding
jadx -d output/ --show-bad-code target.apkNote: The --show-bad-code flag includes methods that couldn't be fully decompiled, showing the bytecode as comments. This is useful when analyzing obfuscated apps.
Search and Navigate
Find interesting code in the decompiled output.
GUI search
# Navigation > Text Search (Ctrl+Shift+F)
# Search for: 'http://', 'api_key', 'password', 'secret'
# Navigation > Class Search (Ctrl+N) to find specific classesCLI search
jadx -d output/ target.apk && grep -r 'api_key\|secret\|password' output/Note: Start by searching for URLs, API keys, hardcoded credentials, and encryption keys. Many Android apps contain secrets in their source that developers assumed wouldn't be accessible.
Export for Further Analysis
Export the decompiled source and resources for deeper analysis.
Export as Gradle project
jadx -d output/ --export-gradle target.apkNote: Exporting as a Gradle project lets you open the decompiled app in Android Studio for a full IDE experience with code navigation, search, and refactoring tools.