Skip to content

Scanning APK file for URIs, endpoints & secrets.

License

Notifications You must be signed in to change notification settings

cqr-cryeye-forks/apkleaks

 
 

Repository files navigation

APKLeaks

version contributions

Scanning APK file for URIs, endpoints & secrets.

APKLeaks


Installation

It's fairly simple to install APKLeaks:

from PyPi

$ pip3 install apkleaks

from Source

Clone repository and install requirements:

$ git clone https://github.com/dwisiswant0/apkleaks
$ cd apkleaks/
$ pip3 install -r requirements.txt

from Docker

Pull the Docker image by running:

$ docker pull dwisiswant0/apkleaks:latest

Dependencies

The APKLeaks utilizes the jadx disassembler to decompile APK files. If jadx is not present in your system, it will prompt you to download it.

Usage

Simply,

$ apkleaks -f ~/path/to/file.apk
# from Source
$ python3 apkleaks.py -f ~/path/to/file.apk
# or with Docker
$ docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk

Options

Here are all the options it supports.

Argument Description Example
-f, --file APK file to scanning apkleaks -f file.apk
-o, --output Write to file results (random if not set) apkleaks -f file.apk -o results.txt
-p, --pattern Path to custom patterns JSON apkleaks -f file.apk -p custom-rules.json
-a, --args Disassembler arguments apkleaks -f file.apk --args="--deobf --log-level DEBUG"
--json Save as JSON format apkleaks -f file.apk -o results.json --json

Output

In general, if you don't provide -o argument, then it will generate results file automatically.

Tip

By default it will also save the results in text format, use --json argument if you want JSON output format.

Pattern

Custom patterns can be added with the following argument to provide sensitive search rules in the JSON file format: --pattern /path/to/custom-rules.json. If no file is set, the tool will use the default patterns found in regexes.json file.

Here's an example of what a custom pattern file could look like:

// custom-rules.json
{
  "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}",
  // ...
}

To run the tool using these custom rules, use the following command:

$ apkleaks -f /path/to/file.apk -p rules.json -o ~/Documents/apkleaks-results.txt

Arguments (disassembler)

We give user complete discretion to pass the disassembler arguments. For example, if you want to activate threads in jadx decompilation process, you can add it with -a/--args argument, example: --args="--threads-count 5".

$ apkleaks -f /path/to/file.apk -a "--deobf --log-level DEBUG"

Warning

Please pay attention to the default disassembler arguments we use to prevent collisions.

License

apkleaks is distributed under Apache 2.

Acknowledments

Since this tool includes some contributions, and I'm not an asshole, I'll publically thank the following users for their helps and resources:

About

Scanning APK file for URIs, endpoints & secrets.

Resources

License

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Shell 44.5%
  • Python 29.2%
  • Batchfile 25.1%
  • Dockerfile 1.2%