-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
37 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,87 +1,46 @@ | ||
| # APKX - Android APK Analysis Tool | ||
|
|
||
| APKX is a powerful static analysis tool for Android APK files that helps identify sensitive information, such as: | ||
| - API Keys | ||
| - OAuth Tokens | ||
| - Firebase URLs | ||
| - Email Addresses | ||
| - Endpoints and URLs | ||
| - And more... | ||
|
|
||
| ## Features | ||
|
|
||
| - Fast APK decompilation using JADX | ||
| - Comprehensive pattern matching for sensitive information | ||
| - Clean and simple command-line interface | ||
| - JSON output for easy integration with other tools | ||
| - Customizable regex patterns | ||
|
|
||
| ## Requirements | ||
|
|
||
| - Go 1.19 or later | ||
| - JADX (for APK decompilation) | ||
|
|
||
| ## Installation | ||
|
|
||
| # apkX 🔍⏱️ | ||
|
|
||
| Advanced APK analysis tool with enhanced terminal output and runtime tracking | ||
|
|
||
|  | ||
|  | ||
|  | ||
|
|
||
| ## Requirements 🛠️ | ||
| - jadx 1.4.3+ | ||
| - go 1.21+ | ||
| - Android SDK (for aapt) | ||
| - Java 8 (for jadx) | ||
|
|
||
| ## Features ✨ | ||
| - ⏱️ Runtime duration tracking | ||
| - 🎨 Colorful terminal output with emoji indicators | ||
| - 🔍 Deep APK analysis for: | ||
| - URIs and endpoints | ||
| - Security secrets | ||
| - API keys | ||
| - Sensitive patterns | ||
| - 📊 JSON report generation | ||
| - 📅 Execution timestamp tracking | ||
|
|
||
| ## Installation 📦 | ||
| ```bash | ||
| # Clone the repository | ||
| git clone https://github.com/h0tak88r/apkx.git | ||
| cd apkx | ||
|
|
||
| # Build the project | ||
| go build -o apkx cmd/apkx/main.go | ||
| git clone [email protected]:cyinnove/apkX.git | ||
| cd apkX | ||
| go build -o apkx ./cmd/apkx/main.go | ||
| ``` | ||
|
|
||
| ## Usage | ||
|
|
||
| ## Usage 🚀 | ||
| ```bash | ||
| # Basic usage | ||
| ./apkx -f app.apk | ||
|
|
||
| # Specify custom output file | ||
| ./apkx -f app.apk -o results.json | ||
|
|
||
| # Use custom patterns file | ||
| ./apkx -f app.apk -r patterns.yaml | ||
| ``` | ||
|
|
||
| ### Command Line Flags | ||
|
|
||
| - `-f` : APK file to analyze (required) | ||
| - `-o` : JSON output file (default: apkx-results.json) | ||
| - `-r` : Regex patterns file (default: config/regexes.yaml) | ||
|
|
||
| ## Example Output | ||
|
|
||
| ``` | ||
| === APK Analysis Summary === | ||
| Found sensitive information in 6 categories: | ||
| • API Keys: 2 findings | ||
| • OAuth Tokens: 1 findings | ||
| • Firebase URLs: 1 findings | ||
| • Email Addresses: 3 findings | ||
| • Endpoints: 12 findings | ||
| • URLs: 46 findings | ||
| ./apkx -f <path-to-apk> [flags] | ||
|
|
||
| Results saved to: /path/to/apkx-results.json | ||
| # Example with test APK | ||
| ./apkx -f sample.apk -json -output results.json | ||
| ``` | ||
|
|
||
| ## Custom Patterns | ||
|
|
||
| You can create your own patterns file in YAML format: | ||
|
|
||
| ```yaml | ||
| patterns: | ||
| - name: "API Keys" | ||
| regex: "api[_-]?key[_-]?([0-9a-zA-Z]{32,})" | ||
| - name: "OAuth Tokens" | ||
| regex: "access_token[_-]?([0-9a-zA-Z]{32,})" | ||
| ``` | ||
| ## Contributing | ||
| Contributions are welcome! Please feel free to submit pull requests. | ||
| ## Contributing 🤝 | ||
| We welcome contributions! Please follow our [contribution guidelines](CONTRIBUTING.md). | ||
|
|
||
| ## License | ||
| --- | ||
|
|
||
| This project is licensed under the MIT License - see the LICENSE file for details. | ||
| 🔧 Maintained by [Cyinnove](https://github.com/cyinnove) | 📧 [email protected] |