apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file.
What sets APKInspector apart is its adherence to the zip specification during APK parsing, eliminating the need for reliance on external libraries.
This independence, allows APKInspector to be highly adaptable, effectively emulating Android’s installation process for APKs that cannot be parsed using standard libraries.
The main goal is to enable users to conduct static analysis on APKs that employ evasion techniques, especially when conventional methods prove ineffective.
Please check this blog post for more details.
pip install apkInspector
or you can clone this repository and build and install locally:
git clone https://github.com/erev0s/apkInspector.git
cd apkInspector
poetry build
pip install dist/apkInspector-Version_here.tar.gz
apkInspector offers a command line tool with the same name, with the following options;
$ apkInspector -h
usage: apkInspector [-h] [-apk APK] [-f FILENAME] [-ll] [-lc] [-la] [-e] [-x] [-xa] [-m] [-sm SPECIFY_MANIFEST] [-a] [-v]
apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract
content and decode the AndroidManifest.xml file.
options:
-h, --help show this help message and exit
-apk APK APK to inspect
-f FILENAME, --filename FILENAME
Filename to provide info for
-ll, --list-local List all files by name from local headers
-lc, --list-central List all files by name from central directory header
-la, --list-all List all files from both central directory and local headers
-e, --export Export to JSON. What you list from the other flags, will be exported
-x, --extract Attempt to extract the file specified by the -f flag
-xa, --extract-all Attempt to extract all files detected in the central directory header
-m, --manifest Extract and decode the AndroidManifest.xml
-sm SPECIFY_MANIFEST, --specify-manifest SPECIFY_MANIFEST
Pass an encoded AndroidManifest.xml file to be decoded
-a, --analyze Check an APK for static analysis evasion techniques
-v, --version Retrieves version information
For more information click here.
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…