apkInspector


NameapkInspector JSON
Version 1.3.2 PyPI version JSON
download
home_pagehttps://github.com/erev0s/apkInspector
SummaryapkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file.
upload_time2024-09-20 07:29:45
maintainerNone
docs_urlNone
authorerev0s
requires_python<4.0,>=3.5
licenseApache-2.0
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage
            ![apkInspector](https://i.imgur.com/hTzyIDG.png) 
![PyPI - Version](https://img.shields.io/pypi/v/apkInspector)  [![CI](https://github.com/erev0s/apkInspector/actions/workflows/ci.yml/badge.svg)](https://github.com/erev0s/apkInspector/actions/workflows/ci.yml)  [![codecov](https://codecov.io/gh/erev0s/apkInspector/graph/badge.svg?token=A3YXHGXUXF)](https://codecov.io/gh/erev0s/apkInspector)
# apkInspector
apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file. What sets APKInspector apart is its adherence to the zip specification during APK parsing, eliminating the need for reliance on external libraries. This independence, allows APKInspector to be highly adaptable, effectively emulating Android's installation process for APKs that cannot be parsed using standard libraries. The main goal is to enable users to conduct static analysis on APKs that employ evasion techniques, especially when conventional methods prove ineffective.

Please check [this blog post](https://erev0s.com/blog/unmasking-evasive-threats-with-apkinspector/) for more details.

## How to install
[apkInspector is available through PyPI](https://pypi.org/project/apkInspector/)
~~~~
pip install apkInspector
~~~~

or you can clone this repository and build and install locally:
~~~~
git clone https://github.com/erev0s/apkInspector.git
cd apkInspector
poetry build
pip install dist/apkInspector-Version_here.tar.gz
~~~~

## Documentation
Documentation created based on the docstrings, is available through Sphinx:  
https://erev0s.github.io/apkInspector/


## CLI
apkInspector offers a command line tool with the same name, with the following options;

~~~~
$ apkInspector -h
usage: apkInspector [-h] [-apk APK] [-f FILENAME] [-ll] [-lc] [-la] [-e] [-x] [-xa] [-m] [-sm SPECIFY_MANIFEST] [-a] [-v]

apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract
content and decode the AndroidManifest.xml file.

options:
  -h, --help            show this help message and exit
  -apk APK              APK to inspect
  -f FILENAME, --filename FILENAME
                        Filename to provide info for
  -ll, --list-local     List all files by name from local headers
  -lc, --list-central   List all files by name from central directory header
  -la, --list-all       List all files from both central directory and local headers
  -e, --export          Export to JSON. What you list from the other flags, will be exported
  -x, --extract         Attempt to extract the file specified by the -f flag
  -xa, --extract-all    Attempt to extract all files detected in the central directory header
  -m, --manifest        Extract and decode the AndroidManifest.xml
  -sm SPECIFY_MANIFEST, --specify-manifest SPECIFY_MANIFEST
                        Pass an encoded AndroidManifest.xml file to be decoded
  -a, --analyze         Check an APK for static analysis evasion techniques
  -v, --version         Retrieves version information
~~~~


## Library
The library component of apkInspector is designed with extensibility in mind, allowing other tools to seamlessly integrate its functionality. This flexibility empowers developers to leverage the capabilities of apkInspector within their own applications and workflows. To facilitate clear comprehension and ease of use, comprehensive docstrings accompany all primary methods, providing valuable insights into their functionality, expected arguments, and return values. These detailed explanations serve as invaluable guides, ensuring that developers can quickly grasp the inner workings of apkInspector's core features and smoothly incorporate them into their projects.

### Features offered
 - Find end of central directory record
 - Parse central directory of APK and get details about each entry
 - Get details local header for each entry
 - Extract single or all files within an APK
 - Decode AndroidManifest.xml file
 - Identify Tampering Indicators:
   - End of Central Directory record defined multiple times
   - Unknown compression methods
   - Compressed entry with empty filename
   - Unexpected starting signature of AndroidManifest.xml
   - Tampered StringCount value
   - Strings surpassing maximum length
   - Invalid data between elements
   - Unexpected attribute size
   - Unexpected attribute names or values
   - Zero size header for namespace end nodes


The command-line interface (CLI) serves as a practical illustration of how the methods provided by the library have been employed.

## Reliability
Please take [a look at the results](https://github.com/erev0s/apkInspector/tree/main/tests/top_apps) from testing apkInspector against a set of top Play Store applications

## Planned to-do
 - Improve documentation (add examples)
 - Improve code coverage

## Contributions
We welcome contributions from the open-source community to help improve and enhance apkInspector. Whether you're a developer, tester, or documentation enthusiast, your contributions are valuable.

## :rocket: apkInspector is being used by :rocket: : 
 - [androguard](https://github.com/androguard/androguard/)
 - [medusa](https://github.com/Ch0pin/medusa)

## Presentation of the tool and the research behind it
 - Defcon 32 | [PDF](docs/presentation/apkinspector-Defon32-presentation.pdf)

## Disclaimer
It should be kept in mind that apkInspector is an evolving project, a work in progress. As such, users should anticipate occasional bugs and anticipate updates and upgrades as the tool continues to mature and enhance its functionality. Your feedback and contributions to apkInspector are highly appreciated as we work together to improve and refine its capabilities.

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/erev0s/apkInspector",
    "name": "apkInspector",
    "maintainer": null,
    "docs_url": null,
    "requires_python": "<4.0,>=3.5",
    "maintainer_email": null,
    "keywords": null,
    "author": "erev0s",
    "author_email": "projects@erev0s.com",
    "download_url": "https://files.pythonhosted.org/packages/47/f5/8d371281a5cc4f17dc9286d14dc9d78b88cc84980a9fa163c366de1e1496/apkinspector-1.3.2.tar.gz",
    "platform": null,
    "description": "![apkInspector](https://i.imgur.com/hTzyIDG.png) \n![PyPI - Version](https://img.shields.io/pypi/v/apkInspector)  [![CI](https://github.com/erev0s/apkInspector/actions/workflows/ci.yml/badge.svg)](https://github.com/erev0s/apkInspector/actions/workflows/ci.yml)  [![codecov](https://codecov.io/gh/erev0s/apkInspector/graph/badge.svg?token=A3YXHGXUXF)](https://codecov.io/gh/erev0s/apkInspector)\n# apkInspector\napkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file. What sets APKInspector apart is its adherence to the zip specification during APK parsing, eliminating the need for reliance on external libraries. This independence, allows APKInspector to be highly adaptable, effectively emulating Android's installation process for APKs that cannot be parsed using standard libraries. The main goal is to enable users to conduct static analysis on APKs that employ evasion techniques, especially when conventional methods prove ineffective.\n\nPlease check [this blog post](https://erev0s.com/blog/unmasking-evasive-threats-with-apkinspector/) for more details.\n\n## How to install\n[apkInspector is available through PyPI](https://pypi.org/project/apkInspector/)\n~~~~\npip install apkInspector\n~~~~\n\nor you can clone this repository and build and install locally:\n~~~~\ngit clone https://github.com/erev0s/apkInspector.git\ncd apkInspector\npoetry build\npip install dist/apkInspector-Version_here.tar.gz\n~~~~\n\n## Documentation\nDocumentation created based on the docstrings, is available through Sphinx:  \nhttps://erev0s.github.io/apkInspector/\n\n\n## CLI\napkInspector offers a command line tool with the same name, with the following options;\n\n~~~~\n$ apkInspector -h\nusage: apkInspector [-h] [-apk APK] [-f FILENAME] [-ll] [-lc] [-la] [-e] [-x] [-xa] [-m] [-sm SPECIFY_MANIFEST] [-a] [-v]\n\napkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract\ncontent and decode the AndroidManifest.xml file.\n\noptions:\n  -h, --help            show this help message and exit\n  -apk APK              APK to inspect\n  -f FILENAME, --filename FILENAME\n                        Filename to provide info for\n  -ll, --list-local     List all files by name from local headers\n  -lc, --list-central   List all files by name from central directory header\n  -la, --list-all       List all files from both central directory and local headers\n  -e, --export          Export to JSON. What you list from the other flags, will be exported\n  -x, --extract         Attempt to extract the file specified by the -f flag\n  -xa, --extract-all    Attempt to extract all files detected in the central directory header\n  -m, --manifest        Extract and decode the AndroidManifest.xml\n  -sm SPECIFY_MANIFEST, --specify-manifest SPECIFY_MANIFEST\n                        Pass an encoded AndroidManifest.xml file to be decoded\n  -a, --analyze         Check an APK for static analysis evasion techniques\n  -v, --version         Retrieves version information\n~~~~\n\n\n## Library\nThe library component of apkInspector is designed with extensibility in mind, allowing other tools to seamlessly integrate its functionality. This flexibility empowers developers to leverage the capabilities of apkInspector within their own applications and workflows. To facilitate clear comprehension and ease of use, comprehensive docstrings accompany all primary methods, providing valuable insights into their functionality, expected arguments, and return values. These detailed explanations serve as invaluable guides, ensuring that developers can quickly grasp the inner workings of apkInspector's core features and smoothly incorporate them into their projects.\n\n### Features offered\n - Find end of central directory record\n - Parse central directory of APK and get details about each entry\n - Get details local header for each entry\n - Extract single or all files within an APK\n - Decode AndroidManifest.xml file\n - Identify Tampering Indicators:\n   - End of Central Directory record defined multiple times\n   - Unknown compression methods\n   - Compressed entry with empty filename\n   - Unexpected starting signature of AndroidManifest.xml\n   - Tampered StringCount value\n   - Strings surpassing maximum length\n   - Invalid data between elements\n   - Unexpected attribute size\n   - Unexpected attribute names or values\n   - Zero size header for namespace end nodes\n\n\nThe command-line interface (CLI) serves as a practical illustration of how the methods provided by the library have been employed.\n\n## Reliability\nPlease take [a look at the results](https://github.com/erev0s/apkInspector/tree/main/tests/top_apps) from testing apkInspector against a set of top Play Store applications\n\n## Planned to-do\n - Improve documentation (add examples)\n - Improve code coverage\n\n## Contributions\nWe welcome contributions from the open-source community to help improve and enhance apkInspector. Whether you're a developer, tester, or documentation enthusiast, your contributions are valuable.\n\n## :rocket: apkInspector is being used by :rocket: : \n - [androguard](https://github.com/androguard/androguard/)\n - [medusa](https://github.com/Ch0pin/medusa)\n\n## Presentation of the tool and the research behind it\n - Defcon 32 | [PDF](docs/presentation/apkinspector-Defon32-presentation.pdf)\n\n## Disclaimer\nIt should be kept in mind that apkInspector is an evolving project, a work in progress. As such, users should anticipate occasional bugs and anticipate updates and upgrades as the tool continues to mature and enhance its functionality. Your feedback and contributions to apkInspector are highly appreciated as we work together to improve and refine its capabilities.\n",
    "bugtrack_url": null,
    "license": "Apache-2.0",
    "summary": "apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract content and decode the AndroidManifest.xml file.",
    "version": "1.3.2",
    "project_urls": {
        "Homepage": "https://github.com/erev0s/apkInspector",
        "Repository": "https://github.com/erev0s/apkInspector"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "667e0e71e3e06aa8aaac663d13579344fd440ac03ca6b96b68f673fe6df87342",
                "md5": "e3e4c0096ad25ea64777c0af6b34fd9a",
                "sha256": "8d033694b66c7d86f9bccf54e28ba3e2bb796c335f60dcf38d26f184435001eb"
            },
            "downloads": -1,
            "filename": "apkinspector-1.3.2-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "e3e4c0096ad25ea64777c0af6b34fd9a",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": "<4.0,>=3.5",
            "size": 29568,
            "upload_time": "2024-09-20T07:29:44",
            "upload_time_iso_8601": "2024-09-20T07:29:44.511635Z",
            "url": "https://files.pythonhosted.org/packages/66/7e/0e71e3e06aa8aaac663d13579344fd440ac03ca6b96b68f673fe6df87342/apkinspector-1.3.2-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "47f58d371281a5cc4f17dc9286d14dc9d78b88cc84980a9fa163c366de1e1496",
                "md5": "8ba98600f11b2390f5c131a371ac2428",
                "sha256": "7dbecdd40c2457de7b435d4a41832689074a26a6bf6d820a39ff238eb2c69a4a"
            },
            "downloads": -1,
            "filename": "apkinspector-1.3.2.tar.gz",
            "has_sig": false,
            "md5_digest": "8ba98600f11b2390f5c131a371ac2428",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": "<4.0,>=3.5",
            "size": 27771,
            "upload_time": "2024-09-20T07:29:45",
            "upload_time_iso_8601": "2024-09-20T07:29:45.356600Z",
            "url": "https://files.pythonhosted.org/packages/47/f5/8d371281a5cc4f17dc9286d14dc9d78b88cc84980a9fa163c366de1e1496/apkinspector-1.3.2.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-09-20 07:29:45",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "erev0s",
    "github_project": "apkInspector",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": true,
    "lcname": "apkinspector"
}
        
Elapsed time: 1.26225s