ApkLeaks – Scanning APK File For URIs, Endpoints And Secrets

Scanning APK file for URIs, endpoints & secrets.Installation

To install apkLeaks, simply:

$ git clone https://github.com/dwisiswant0/apkleaks
$ cd apkleaks/
$ pip install -r requirements.txt

Or download at release tab.
Dependencies
This package works in Python2(not Python3).

Install global packages:
Linux

$ sudo apt-get install libssl-dev swig -y

OSX

$ brew install openssl swig

Windows

You need to install:

Usage

Basically,

$ python apkleaks.py -f ~/path/to/file.apk

Options

usage: apkleaks [-h] -f FILE [-o OUTPUT] [-p PATTERN]

optional arguments:
-h, --help show this help message and exit
-f FILE, --file FILE APK file to scanning
-o OUTPUT, --output OUTPUT
Write to file results (NULL will be saved into random
file)
-p PATTERN, --pattern PATTERN
Path to custom patterns JSON

In general, if you don’t provide -o argument, then it will generate results file automatically.

Custom patterns can be added with the following flag --pattern /path/to/rules.json to provide sensitive search rules in the JSON file format. For example,

// rules.json
{
"Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}",
...
}
$ python apkleaks.py -f /path/to/file.apk -c rules.json -o ~/Documents/apkleaks-resuts.txt

Version

Current version is v1.0.2, and still development.

Download Apkleaks

+————————————————-

This is only an educational purposes only I am not responsible for further activities

Join my forum and learn more ethical hacking and penetration testing

https://t.me/WhiteHatHacks

Get me at

https://t.me/alex14324

https://github.com/alex14324

https://www.instagram.com/alex_14324/

https://discord.gg/6NPtGxZ

——————————————————-+

Leave a Reply

Your email address will not be published. Required fields are marked *