Hacking Tools

apkInspector – A Comprehensive Tool For APK Analysis And Evasion Detection

apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file.

What sets APKInspector apart is its adherence to the zip specification during APK parsing, eliminating the need for reliance on external libraries.

This independence, allows APKInspector to be highly adaptable, effectively emulating Android’s installation process for APKs that cannot be parsed using standard libraries.

The main goal is to enable users to conduct static analysis on APKs that employ evasion techniques, especially when conventional methods prove ineffective.

Please check this blog post for more details.

How To Install

pip install apkInspector

or you can clone this repository and build and install locally:

git clone https://github.com/erev0s/apkInspector.git
cd apkInspector
poetry build
pip install dist/apkInspector-Version_here.tar.gz

CLI

apkInspector offers a command line tool with the same name, with the following options;

$ apkInspector -h
usage: apkInspector [-h] [-apk APK] [-f FILENAME] [-ll] [-lc] [-la] [-e] [-x] [-xa] [-m] [-sm SPECIFY_MANIFEST] [-a] [-v]

apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract
content and decode the AndroidManifest.xml file.

options:
  -h, --help            show this help message and exit
  -apk APK              APK to inspect
  -f FILENAME, --filename FILENAME
                        Filename to provide info for
  -ll, --list-local     List all files by name from local headers
  -lc, --list-central   List all files by name from central directory header
  -la, --list-all       List all files from both central directory and local headers
  -e, --export          Export to JSON. What you list from the other flags, will be exported
  -x, --extract         Attempt to extract the file specified by the -f flag
  -xa, --extract-all    Attempt to extract all files detected in the central directory header
  -m, --manifest        Extract and decode the AndroidManifest.xml
  -sm SPECIFY_MANIFEST, --specify-manifest SPECIFY_MANIFEST
                        Pass an encoded AndroidManifest.xml file to be decoded
  -a, --analyze         Check an APK for static analysis evasion techniques
  -v, --version         Retrieves version information

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: apkInspectorcybersecurityinformationsecuritykalilinuxkalilinuxtools
1 year ago

Recent Posts

Comments in Bash Scripts

What Are Bash Comments? In Bash scripting, comments are notes in your code that the…

17 hours ago

Shebang (#!) in Bash Script

When you write a Bash script in Linux, you want it to run correctly every…

2 days ago

Bash String Concatenation – Bash Scripting

Introduction If you’re new to Bash scripting, one of the first skills you’ll need is…

2 days ago

Learn Bash Scripting: How to Create and Run Shell Scripts for Beginners

What is Bash Scripting? Bash scripting allows you to save multiple Linux commands in a file and…

2 days ago

Bash if…else Statement – Bash Scripting

When it comes to automating tasks on Linux, Bash scripting is an essential skill for both beginners…

2 days ago

Bash Functions Explained: Syntax, Examples, and Best Practices

Learn how to create and use Bash functions with this complete tutorial. Includes syntax, arguments,…

5 days ago