Stop reinventing the wheel

Reverse engineer mobile applications in a simple way.


Latest news

User interface

The new graphical interface was redesigned to offer a better information overview, checking several elements at the same time thanks to a window system (no need to switch between pages) and a quick access to all functionalities.

Dalvik mimic

The Dexcalibur's Dalvik Virtual Machine (DDVM) offers a behavior close to Android's DVM. It allows to perform symbolic and concrete execution of piece of bytecode requiring implicit context. 

Integrated terminal

It's now possible to open command prompts on a connected device, on a host computer, or even a shared session with another team member. That way, no need to use netcat to exchange information with your colleagues!

  What makes it different

Static + dynamic + symbolic analysis

Dexcalibur's engine is one of a kind. Indeed, in an autonomous way, it is able to establish correlations between various analysis types results. Based on these correlations, it adapts to the targeted application's specificities to provide you deobfuscation services and customized analysis.

Resilient & Stable

Dexcalibur is designed to analyze highly obfuscated applications. Conscious that a broad techniques diversity exists, we believe Dexcalibur should be stable and resilient to avoid limiting you.

Program Synthesis

Dexcalibur modelizes the target application. From this model, it computes partial program synthesis in order to offer a better view of the program is doing even if the app is obfuscated.


  • Instrumentation's autonomous generation

  • Device's APIs extraction

  • Dalvik bytecode emulation

  • Deobfuscation help

  • System call tracing

dxc_pro_expHookAs the application's executions progress, Dexcalibur will comprehend new results and explore new functions. When functionalities linked to your objectives are identified, Dexcalibur will generate a new hook to push further its analysis.


dxc_pro_expMenuDexcalibur is able to run an incremental analysis between the Android's API and other APIs available on the device to isolate permissions and specific APIs of a particular model or manufacturer.


The virtual machine Dalvik integrated in Dexcalibur offers a behavior close to Android's. It's able to detect implicit exceptions and semantic errors. The execution's context is configurable and can be automatically captured. The VM generate a simplified intermediary representation.

dxc_pro_expAliasDexcalibur offers many deobfuscation solutions such as automated renaming, CFG simplification, symbolic execution, types reconstruction...

45% more qualified leads because customers trust you

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Tracing features

Interruption tracing

System Calls, Hypervisor Calls, and Secure Monitor Calls are traced by instrumenting instructions able trigger interruptions into the target process (or any process attached to scope). When it is possible, Dexcalibur analyze arguments with the relevant way deduced from platform source code (if it is open-source).

File System monitoring

File system accesses from application are traced. It draws a timeline offering a rich view : file descriptor creation, lookup on FD, read/write with abilities to hook any operations and save or tamper content.

Network monitoring

Network communication (including over HTTPS) can be monitored at application level without modifying network settings of the device and it not requires to bypass SSL Pinning.

NFC monitoring

Commands receipt/sent over NFC by the application can be monitored and tampered at application level. It allows to emulate a kind of virtual relay attack and to spy communication.

TEE communications

Dexcalibur allows to monitors communications between Normal-World and Secure-World, and gather data. In some case, entire life-cycle of a TA is supported, so Dexcalibur can retrieve TA name from session.

Bluetooth monitoring


IPC monitoring


Memory accesses


Instrumentation features

Java hook generation

It is the most basic feature of Dexcalibur. Browse the application bytecode, select a method, and generate a hook with a single click.

Native hook generation

We think it is one of the coolest feature : explore any native library or process attached to the project, select a symbol or an address, and click 'Generate Hook'. It's ready, your hook will dump (at least) the registers used by the function.

Multiple device

It is a very common use case with smart devices : by instrumenting several devices and app attached to the same project, you can follow the entire workflow !

Multiple processes

By attaching several process to your project, you are able to reverse function involving several processes by instrumenting each side from the same place


Get Dexcalibur today

Let's discuss the best set up for your needs.