This is a Binary Ninja extension contains various scripts that assists in analyzing Android NDK applications.
This is a port of my JNIAnalyzer Ghidra extension. The APK parsing is done with Androguard instead of JADX.
- Install Androguard by cloning the git repository and running the
setup.pyscript. The version of Androguard available on PyPI is currently too old to work. - Install binja-typemanager and binja-typelibs-collection. Alternatively, make the types from the JNI header available to Binary Ninja in another manner.
- Install the plugin the typical Binary Ninja way.
install_linux.shdoes the correct things if you are on Linux.
Run the "JNIAnalyzer - Import APK" command and select the APK file associated with the native library being analyzed.
Run the "JNIAnalyzer - Import trace_registernatives JSON" command and select the JSON output from trace_registernatives.
Run the "JNIAnalyzer - Analyze RegisterNatives calls in current function"
command while in a function that calls RegisterNatives.
JNI related functions or data structures detected by this extension will be tagged with "JNIAnalyzer" using Binary Ninja's Tag API which can be viewed using Binary Ninja's tag browser.