jadx-ai-mcp
by zinja-coder
Overview
Integrates JADX decompiler with LLMs via Model Context Protocol for AI-powered Android APK analysis and reverse engineering.
Installation
No command providedSecurity Notes
The server, implemented using Javalin, defaults to binding to all network interfaces (0.0.0.0) when `app.start(currentPort)` is called. This exposes all JADX functionalities, including sensitive operations like decompilation, renaming, and debugger access, to any device on the network without any authentication or access control. This is a critical security risk, especially when analyzing potentially malicious APKs. Input validation for query parameters is present for basic checks (e.g., null/empty, number format) but does not include comprehensive sanitization against maliciously crafted strings that could potentially exploit JADX internals or cause unexpected behavior.
Similar Servers
ida-pro-mcp
An AI-powered reverse engineering assistant that integrates IDA Pro with Model Context Protocol clients for enhanced analysis.
code-index-mcp
Provides intelligent code indexing, searching, and analysis capabilities for large language models to understand and navigate codebases.
jadx-mcp-server
A fully automated Model Context Protocol (MCP) server that acts as a bridge for LLMs (like Claude) to interact with a JADX-AI-MCP plugin for Android APK reverse engineering, vulnerability analysis, and manifest parsing.
CodeGraphContext
An MCP server that indexes local code into a Neo4j graph database to provide real-time, accurate context and relationship analysis to AI assistants for understanding, writing, and refactoring code.