APKLeaks - Automated APK Scanning for Secrets and Vulnerabilities

APKLeaks - Automated APK Scanning for Secrets and Vulnerabilities

APKLeaks is a tool designed to scan APK files for sensitive information such as URIs, endpoints, and secrets. This guide provides detailed instructions on how to install, configure, and use APKLeaks effectively

Installation

1. From PyPi

To install APKLeaks via PyPi, run the following command:

pip3 install apkleaks

2. From Source

Clone the repository and install the required dependencies:

git clone https://github.com/dwisiswant0/apkleaks

cd apkleaks/

pip3 install -r requirements.txt

3. From Docker

Pull the Docker image using:

docker pull dwisiswant0/apkleaks:latest

Dependencies

APKLeaks uses the jadx disassembler to decompile APK files. If jadx is not installed on your system, APKLeaks will prompt you to download it.

Usage

Basic Commands

  • From PyPi installation:

apkleaks -f ~/path/to/file.apk

  • From Source:

python3 apkleaks.py -f ~/path/to/file.apk

  • Using Docker:

docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk

Options

APKLeaks supports several command-line arguments for customization:

Argument

Description

Example

-f, --file

Specify the APK file to scan

apkleaks -f file.apk

-o, --output

Save results to a specified file

apkleaks -f file.apk -o results.txt

-p, --pattern

Use custom patterns in JSON format

apkleaks -f file.apk -p custom-rules.json

-a, --args

Pass additional arguments to disassembler

apkleaks -f file.apk --args="--deobf"

--json

Save results in JSON format

apkleaks -f file.apk -o results.json --json

Output

If the -o argument is not provided, APKLeaks will automatically generate a results file with a random name in text format. To save results in JSON format, use the --json argument.

Custom Patterns

You can define your own sensitive search rules using a JSON file. If no custom pattern is provided, APKLeaks uses its default patterns from the regexes.json file.

Example of a custom pattern file (custom-rules.json):

{

  "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}"

}

Run APKLeaks with custom patterns:

apkleaks -f /path/to/file.apk -p custom-rules.json -o ~/Documents/apkleaks-results.txt

Disassembler Arguments

APKLeaks allows users to pass additional arguments to the disassembler (jadx). For example:

apkleaks -f /path/to/file.apk -a "--threads-count 5"

Warning: Be cautious with custom arguments to avoid conflicts with default settings. By following this guide, you can efficiently install and use APKLeaks to analyze APK files for sensitive information. You can learn more and Download APKLeaks in GitHub.

Upgrade Your Cybersecurity Skills EHA: Learn 150+ Practical Cyber Security Courses Online With Life Time Access - Enroll Here

 

Back to blog