Android

DexProtector for Android

Overview

DexProtector secures Android applications, libraries, and SDKs against static and dynamic analysis, tampering, reverse engineering, and Man-in-the-Middle attacks.

As the final stage of the build process, DexProtector works on compiled packages of any size, integrating its protection mechanisms at both bytecode and native levels.

And it is easy to integrate DexProtector into any development cycle, with support for both native and cross-platform apps, as well as build tools like Gradle, and CI/CD platforms like Bitrise, Jenkins, Azure Pipelines, and Bitbucket Pipelines. For more information, see our Implementations and Integrations page.

Key features of DexProtector for Android:


Code Protection	String Encryption Class Encryption Hide Access to Method Calls and Fields Native Code Obfuscation Native Code Encryption Native Code Anti-Debugging Annotation Encryption
Content Protection	Resource encryption HTML, JS, & CSS code encryption DRM for media resources Game engine resource encryption Support for external access to encrypted resources Encryption of `res` folder & `strings.xml` `AndroidManifest` mangling Encryption of resources in `root` folder Cryptographic material encryption
Integrity Control	Certificate Checks Code Integrity Checks Content Integrity Checks
Network Security	Network security status monitoring Public Key Pinning Certificate Transparency
Runtime Application Self-Protection (RASP)	Anti-debug mechanisms UI protection mechanisms Environment checks (detection and reporting of rooted devices; emulators; debuggers; hooking; tampering; and more)

Note: For some features, a DexProtector Enterprise license is required. For more information, see our feature comparison for DexProtector Standard and DexProtector Enterprise.

DexProtector for Android

Overview

1. What is DexProtector?

2. The DexProtector process

3. DexProtector Studio

4. Alice - Licel’s Attack Telemetry and Threat Intelligence System

Overview

1. Download

2. Activate

Activate via CLI (online)

Activate via CLI (offline)

Activate via DexProtector Studio (online)

Activate via DexProtector Studio (offline)

3. After activation

Introduction to configuring DexProtector

Configuration file overview

Filters: A guide to targeting code and resources

Inclusion

Protecting every class in a specified package

Protecting a single class

Exclusion

Excluding every class in a specified package from protection

Excluding a single class from protection

Mixed filters: Combining inclusion and exclusion

Detailed filter syntax information

Additional notes on filters: Resource Encryption and Annotation Encryption

Configuring DexProtector for applications (APK & AAB)

Example configuration for applications (APK & AAB)

Configuring DexProtector for libraries and SDKs (AAR)

Initialization

Kotlin

Protection of Public APIs

Example configuration for libraries & SDKs (AAR)

App Signing

Cloud Signing (Google Play App Signing; Amazon Appstore)

Google Play App Signing

Amazon Appstore Signing

Signing for System Apps and Pre-Installed Apps

Local Signing for APKs

DexProtector Gradle Plugin

DexProtecting Hybrid and Cross-Platform Applications (React Native, Ionic, NativeScript, Cordova, Xamarin, Flutter)

JavaScript and HTML-based Hybrid and Cross-Platform Apps

Xamarin

Flutter

Overview

Using DexProtector Studio: DexProtector JAR and License File

Managing DexProtector JAR and License File

Activating your license via Studio (online)

Activating your license via Studio (offline)

Protecting your APK, AAB, or AAR with DexProtector Studio

Protection Recommendations

Load Package for Protection

Manage Protection Settings

Run Protection and View Protection Results

Final Checklist

Run DexProtector via the CLI

Run DexProtector via DexProtector Studio

Using Alice with DexProtector

General FAQs - DexProtector for Android

FAQs on Installation, Activation, Configuration, and Distribution