apk2url - A Powerful Tool for Extracting URL and IP Endpoints from APK Files

apk2url is a powerful tool designed for extracting URL and IP endpoints from APK files. It is especially useful for red team professionals, penetration testers, and developers who need to quickly identify endpoints associated with Android applications.

Compared to similar tools like APKleaks, MobSF, and AppInfoScanner, apk2url stands out by identifying a significantly higher number of endpoints while offering additional features.

Why Choose apk2url?

apk2url offers several advantages over competing tools:

  • Higher Endpoint Detection: Identifies more URLs, subdomains, and IP addresses than similar tools.

  • Additional Features: Includes subdomain enumeration, source logging, and multi-APK support.

  • Ease of Use: Simple installation and usage process.

Key Features

  1. Subdomain Enumeration: Extracts unique domains and subdomains.

  2. URL + URI Path Finder: Identifies detailed URLs with paths and GET parameters.

  3. IP Address Finder: Extracts IP addresses embedded in the APK.

  4. Log Endpoint Source: Logs the specific file within the APK where each endpoint is discovered.

  5. Multi-APK Support: Processes multiple APK files in a single run.

  6. Easy Installation: Comes with an installation script for quick setup.

Installing apk2url

Before using apk2url, ensure that its dependencies are installed:

Dependencies

apk2url requires two essential tools:

  • apktool

  • jadx

You can install these tools easily using apt or by running the provided installation script.

Manual Installation

To manually install the dependencies:

sudo apt install apktool

sudo apt install jadx

Installing apk2url

Clone the apk2url repository from GitHub and run the installation script:

git clone https://github.com/n0mi1k/apk2url

cd apk2url

./install.sh

Once installed, you can run apk2url from anywhere on your system.

Using apk2url

Basic Usage

To extract endpoints from a single APK file:

apk2url /path/to/apk/file.apk

By default, two output files will be generated in the endpoints directory:

  1. <apkname>_endpoints.txt: Contains full URL paths.

  2. <apkname>_uniq.txt: Contains unique domains and IP addresses.

Processing Multiple APKs

apk2url supports batch processing of multiple APK files in a directory:

apk2url /path/to/apk-directory/

Enable Endpoint Source Logging

To log the specific Android file where each endpoint is found:

apk2url /path/to/apk/file.apk log

Advanced Features

  1. Subdomain Enumeration

    • Extracts unique domains and subdomains from the APK.

    • Useful for identifying potential attack surfaces during penetration testing.

  2. Detailed URL Discovery

    • Finds URLs with paths and GET parameters for deeper analysis.

  3. IP Address Extraction

    • Identifies hardcoded IP addresses within the application.

  4. Multi-APK Support

    • Allows you to analyze multiple APK files in one run, saving time during large-scale assessments.

Output Files

By default, apk2url generates two types of output files in the endpoints directory:

File Name | Description
<apkname>_endpoints.txt | Contains all discovered endpoints with full paths.
<apkname>_uniq.txt | Contains unique domains and IP addresses only.
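For developers reviewing their own app before release, the two output files can be triaged automatically. The script below is an added example, not part of apk2url or the original post; it assumes one endpoint per line (output produced without the log option), and the names classify, triage and SENSITIVE_PARAMS as well as the sample data are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, parse_qs

# Parameter names suggesting a credential was baked into a URL (assumed list).
SENSITIVE_PARAMS = {"key", "api_key", "apikey", "token", "access_token", "secret", "password"}

def classify(endpoint):
    """Return a sorted list of release-review findings for one endpoint line."""
    text = endpoint.strip()
    try:
        # Bare hosts/IPs (as in _uniq.txt) have no scheme; '//' makes urlsplit see a netloc.
        parts = urlsplit(text if "://" in text else "//" + text)
    except ValueError:
        return ["unparseable"]  # e.g. a malformed bracketed host picked up from the APK
    findings = set()
    if parts.scheme == "http":
        findings.add("cleartext-http")
    try:
        ip = ipaddress.ip_address(parts.hostname or "")
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            findings.add("internal-ip")  # internal infrastructure shipped in the app
        else:
            findings.add("hardcoded-public-ip")  # bypasses DNS, hard to rotate
    except ValueError:
        pass  # hostname is a DNS name, not an IP literal
    if SENSITIVE_PARAMS & {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}:
        findings.add("credential-like-param")
    return sorted(findings)

def triage(lines):
    """Map each flagged endpoint to its findings; clean endpoints are omitted."""
    report = {line.strip(): classify(line) for line in lines if line.strip()}
    return {ep: found for ep, found in report.items() if found}

# Constructed sample input, not real apk2url output.
SAMPLE = """\
https://api.example.com/v1/login
http://cdn.example.com/img/logo.png
http://10.0.4.12:8080/debug/status
https://maps.example.net/geo?lat=1&key=CONSTRUCTED
192.168.1.50
"""

if __name__ == "__main__":
    for endpoint, found in triage(SAMPLE.splitlines()).items():
        print(f"{endpoint}\t{', '.join(found)}")
```

To run it against real results, pass the lines of endpoints/<apkname>_endpoints.txt or endpoints/<apkname>_uniq.txt to triage() instead of SAMPLE.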

Tested Environments

apk2url has been tested on the following operating systems:

  • Kali Linux 2023.2

  • Ubuntu 22.04

You can learn more and download apk2url on GitHub.
