jar analyzer Download - jar analyzer Source code download

jar analyzer

Other categories

4.1

Download

Jar-Analyzer

CHANGE LOG

front page

Quick search with one click (since version 4.0 , it supports dynamic generation of GUI buttons through configuration)

For example, a dynamic rule of Runtime.exec (and directly generate buttons and search logic after matching)

  Runtime.exec :
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className : java/lang/Runtime
      methodName : exec
      methodDesc : null

Static analysis spring project

Analyze tomcat through agent

Custom expression search

Support information leakage inspection after version 4.0 (some regular sources from HaE projects)

Starting from version 4.0 , you can use the same shortcut key as IDEA to call up Lucene global search twice shift and call up Lucene global search

Since version 4.0 , it has been fixed and enhanced batch decompilation Jar export function

Since version 4.1 , it supports two ways to choose to start the engine and use JD-GUI to quickly view.

Starting the engine analysis is usually a very time-consuming operation, and sometimes we don't need to fully analyze it.
Starting JD-GUI can quickly decompile and view bytecode for certain scenarios

What is Jar Analyzer

Scenario 01: Analyze the JAR in which method is defined from a large number JAR (accurate to specific methods of specific classes)
Scenario 02: Analyze where the Runtime.exec method is called from a large number JAR (accurate to specific methods of specific classes)
Scenario 03: Analyze the method of the string ${jndi appearing from a large number JAR (accurate to specific methods of specific classes)
Scenario 04: Analyze what Spring Controller/Mapping information from a large number of JAR (accurate to specific classes and specific methods)
Scenario 05: Analyze whether Apache Log4j2 vulnerabilities exist from a large number JAR (match all CVE vulnerabilities)
Scenario 06: Analyze whether there are versions with vulnerabilities such as FASTJSON 47/68/80 from a large number JAR
Scenario 07: Analyze the methods of various common Java security vulnerabilities from a large number of JAR
Scenario 08: You need to deeply analyze the parameters of JVM instruction calls in a method (with a graphical interface)
Scenario 09: You need to deeply analyze the status of JVM instructions and stack frames in a method (with graphical interface)
Scenario 10: You need to analyze a method's Control Flow Graph in depth (with graphical interface)
Scenario 11: You have a Tomcat that needs to remotely analyze the Servlet/Filter/Listener information
Scenario 12: You have a serialized data containing malicious Class bytecode that requires one-click extraction and analysis
Scenario 13: You have a BCEL format bytecode that requires one-click decompile code analysis
Scenario 14: You have a lot of Jar files or directories that need to be decompiled in batches
Scenario 15: Analyze various information leakage such as IP address, mobile phone number, email address, etc. from a large number JAR
Test function: debugging at the bytecode instruction level

Jar Analyzer is a GUI tool for analyzing Jar files:

Supports large Jar and batch Jars analysis
Conveniently search for call relationships between methods
Analyze the LDC instruction to locate strings in Jar
One-click analysis Spring Controller/Mapping
Advanced analysis of method bytecode and instructions
One-click decompilation to optimize the processing of internal classes
CFG analysis results of one-click generation method
Stack Frame analysis results for one-click generation method
Remotely analyze components such as Servlet in Tomcat
Custom SQL statements for advanced analysis
Since version 2.14 , the full screen display function has been supported.
Since version 2.15 , support code area string search function
Since version 2.15 , it supports the analysis of remote files through HTTP
Since version 2.16 , it supports one-click export and decompilation of JAVA code
Since version 2.17 , it supports remote debugging at the bytecode instruction level (refer to the example image)
Since version 2.17 , it supports one-click extraction of malicious JAVA code from serialized data (refer to the example image)
Since version 2.18 , it supports HTTP API query interface (refer to the example image)
Since version 2.19 , it supports 10 UI themes when starting ( LookAndFeel )
Since version 2.19 , support real-time CPU usage and memory line chart display (refer to the example diagram)
Since version 2.20 , global highlighting of selected strings is supported (refer to the example image)
Since version 2.21 , it supports whitelisting of configuration classes and package names.
Since version 2.21 , the number of files on the left is supported to open class name search using CTRL+F (refer to the example image)
Since version 2.21 , a JRE 21 environment with built-in ZGC enabled (only core functions)
New SCA analysis since version 2.23 (see Example Figure 1 Example Figure 2)
Improved SCA analysis logic since version 2.24 (significantly improve scanning efficiency)
Since version 3.0 , it supports generation of HTML method call diagrams (refer to the example diagram)
Since version 3.0 , right-click search for strings is supported in the code area (refer to the example image)
Since version 3.0 , support methods to right-click to add memos (refer to the example image)
Since version 3.0 , many common JAVA RCE vulnerabilities have been added to call one-click search function.
Since version 3.1 , support BCEL string decompilation of Java code with one-click (refer to the example image)
Since version 3.1 , remote Tomcat analysis has been changed to premain (refer to the example image)
Remote Tomcat analysis function rewrite and enhance since version 3.2 (see example image)
Since version 4.0 , the positioning of method jumps has been greatly optimized and accurate (implemented using JavaParser library)
Since version 4.0 , it supports one-click information leakage inspection (refer to the example image)
Since version 4.0 , it supports global search similar to IDEA (based on Lucene support code snippets)
Since version 4.0 , it supports forward and backward steps without limiting the number of times (record all operation information)
Since version 4.0 the function of batch decompiling Jar exported source code is repaired and enhanced
Since version 4.0 , multiple icon GUI interfaces have been added to further beautify
Since version 4.1 , built-in JD-GUI can be skipped to quickly view

More features are under development

If you have any questions or suggestions, please feel free to ask issue

Go to download

screenshot

Method call relationship

Method call search (supports equals/like options, supports blacklist filtering)

Jar Analyzer 2.15

Jar Analyzer 2.15 supports remote Jar file loading after version 2.15

After Jar Analyzer 2.17 it supports one-click extraction of malicious code from serialized data.

Jar Analyzer 2.18 supports HTTP API after version 2.18

Example Figure 1 Example Figure 2

Jar Analyzer 2.19 supports real-time CPU and memory usage analysis after version 2.19

Jar Analyzer 2.20

expression

Expression search is an important advanced feature of jar-analzyer : you can customize a variety of conditional combination search methods.

Expression search is located on the home page and Plugins section of Advance

Detailed documentation

The original version Jar Analyzer V1 was born on 2022.11.27
Jar Analyzer V2 was first submitted on 2023.10.23
Jar Analyzer v2 official version is released on 2023.12.07
Jar Analyzer V2 releases version 3.0 in 2024.08.15
Jar Analyzer V2 broke 10,000 in total Star in 2024.09.30
Jar Analyzer V2 releases version 4.0 in 2024.11.07

Release time

Currently, version 4.X is planned to be updated once a month (usually released at 0 o'clock on the same day)

If the day is a non-working day, it will be postponed to the first working day after that

2025.01.08
2025.02.08
2025.03.08

Performance Testing

Comparative analysis of G1GC and ZGC situations with reference to performance test documents

Vulnerability Announcement

[GHSA-43rf-3hm4-hv5f] Decompiling a malicious CLASS file may cause the program to be unavailable
[GHSA-x5h2-78p8-w943] SQL injection vulnerability existed before Jar Analyzer 2.13 version
[GHSA-jmcg-r2c5-7m29] Jar Analyzer has a ZIP SLIP vulnerability (worst case can lead to RCE risk)

Note: When there are large or large Jar , it may lead to huge temporary directories and database files.

If you have UI compatibility issues, please check the top of ISSUE section.

BUILD

Note: First set up your IDEA (this project does not support IDE environments such as Eclipse/VS Code )

The compilation and construction process is as follows: (Taking Windows as an example, other environments are similar)

Important: Make sure you have JDK 8 64位installed (both Oracle JDK or OpenJDK )
Important: If you modify the code, make sure to start at least once in the IDEA environment (generate GUI code)
Important: Make sure you have Maven 3.X installed and PATH variables configured correctly (need to use the mvn command)
Optional: Run Contributor and ContributorMD to generate the latest contributor information
Optional: build agent subproject cd agent && package.bat
Important: Build the core project package.bat
Optional: Use cmake to build native directory to generate dll files and put them into resources
Optional: Use winres and gcc to build startup exe file and icon information
Optional: Full version reference build.py and build.yml files

Advanced functions

The above are basic functions, advanced and test functions, please refer to: Advanced test functions

For example, instruction-level GUI debugging similar to OD/GDB (not completed)

shortcut key

CTRL+X method cross reference quick jump method caller and callee page
CTRL+F code area search opens the search panel to support next and prev options
CTRL+F file tree area search displays the search panel search class name and internal classes in the file tree