ApkLeaks – Tool For Scanning APK file to Extract URIs, Endpoints & Secrets

ApkLeaks - Tool For Scanning Mobile Application APK file to Extract All Data URIs, Endpoints & Secrets

APKLeaks

APKLeaks is a tool for scanning mobile application (APK) file to extract all URIs, endpoints & secrets. With this tool you can automatically extract all data and information on apk files.

Installation

It’s fairly simple to install APKLeaks:

from PyPi

$ pip3 install apkleaks

from Source

Clone repository and install requirements:

$ git clone https://github.com/dwisiswant0/apkleaks $ cd apkleaks/ $ pip3 install -r requirements.txt

from Docker

Pull the Docker image by running:

$ docker pull dwisiswant0/apkleaks:latest

Dependencies

APKLeaks using jadx disassembler to decompile APK file. If it doesn’t exist in your environment, it’ll ask you to download.

Usage

Simply type,

$ apkleaks -f ~/path/to/file.apk # from Source $ python3 apkleaks.py -f ~/path/to/file.apk # or with Docker $ docker run -it –rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk

Options

Here are all the options it supports.

ArgumentDescriptionExample
-f, –fileAPK file to scanningapkleaks -f file.apk
-o, –outputWrite to file results (random if not set)apkleaks -f file.apk -o results.txt
-p, –patternPath to custom patterns JSONapkleaks -f file.apk -p custom-rules.json
-a, –argsDisassembler argumentsapkleaks -f file.apk --args="--deobf --log-level DEBUG"
–jsonSave as JSON formatapkleaks -f file.apk -o results.json --json

Output

In general, if you don’t provide -o argument, then it will generate results file automatically.

NOTE: By default it will also save the results in text format, use --json argument if you want JSON output format.

Pattern

Custom patterns can be added with the following argument to provide sensitive search rules in the JSON file format: --pattern /path/to/custom-rules.json. If not set, it’ll use default patterns from regexes.json file.

Example patterns file:

// custom-rules.json { “Amazon AWS Access Key ID”: “AKIA[0-9A-Z]{16}”, … }

$ apkleaks -f /path/to/file.apk -p rules.json -o ~/Documents/apkleaks-results.txt

Arguments (disassembler)

We give user complete discretion to pass the disassembler arguments. For example, if you want to activate threads in jadx decompilation process, you can add it with -a/--args argument, example: --args="--threads-count 5".

$ apkleaks -f /path/to/file.apk -a “–deobf –log-level DEBUG”

NOTE: Please pay attention to the default disassembler arguments we use to prevent collisions.


ApkLeaks - Tool For Scanning Mobile Application APK file to Extract All Data URIs, Endpoints & Secrets
Next Post

No more post

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

fifteen − three =