apkleaks: Scanning APK file for URIs, endpoints & secrets
apkLeaks
Scanning APK file for URIs, endpoints & secrets.
Installation
Linux
$ sudo apt-get install libssl-dev swig -y
OSX
$ brew install openssl swig
Windows
You need to install:
To install apkLeaks, simply:
$ git clone https://github.com/dwisiswant0/apkleaks
$ cd apkleaks/
$ pip install -r requirements.txt
Use
$ python apkleaks.py -f ~/path/to/file.apk
In general, if you don’t provide -o argument, then it will generate the results file automatically.
Custom patterns can be added with the following flag –pattern /path/to/rules.json to provide sensitive search rules in the JSON file format. For example,
// rules.json { "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}", ... }$ python apkleaks.py -f /path/to/file.apk -c rules.json -o ~/Documents/apkleaks-resuts.txt
Copyright (C) 2020 dwisiswant0
Source: https://github.com/dwisiswant0/
