dexray-insight

Name	dexray-insight JSON
Version	0.0.9.1 JSON
	download
home_page	None
Summary	This project is part of the dynamic Sandbox SanDroid. Its purpose is to do static analysis to grasp a basic understanding of an Android application.
upload_time	2025-08-01 12:04:04
maintainer	None
docs_url	None
author	Jan-Niclas Hilgert, Jannis Finn Borg-Olivier
requires_python	>=3.8
license	GPL-3.0
keywords	mobile static analysis apk malware android
VCS
bugtrack_url
requirements	No requirements were recorded.
Travis-CI	No Travis.
coveralls test coverage	No coveralls.

            <div align="center">
    <img src="assets/logo.png" alt="Dexray Intercept Logo" width="500"/>
    <p></p><strong>Android Binary Static Analysis</strong></div></p>
</div>

# Sandroid - Dexray Insight
![version](https://img.shields.io/badge/version-0.0.9.0-blue)

Dexray Insight is part of the dynamic Sandbox SanDroid. Its purpose is to perform static analysis of Android application files (APK) using a modern OOP architecture. The tool consists of different analysis modules:

## Features

- **Signature Detection Module**: Performs signature-based analysis using VirusTotal, Koodous, and Triage APIs
- **Permission Analysis Module**: Extracts and filters permissions against critical permission lists
- **String Analysis Module**: Extracts and categorizes strings (IPs, domains, URLs, email addresses, Android properties)
- **API Invocation Analysis Module**: Analyzes API calls and reflection usage
- **Manifest Analysis Module**: Extracts intent filters, activities, services, and receivers from AndroidManifest.xml
- **APKID Integration**: Detects packers, obfuscation, and anti-analysis techniques
- **Kavanoz Integration**: Static unpacking of packed Android malware
- **Security Analysis**: Runtime-specific security checks for DEX and .NET code


## Install

You can install Dexray Insight with pip:
```bash
python3 -m pip install dexray-insight
```

This installs Dexray Insight as a command-line tool, accessible via the command `dexray-insight`. 
Additionally, it provides the package `dexray_insight`, which you can use as a library in your code (see the section below on usage as a package).

## Running with Docker
To run Dexray Insight in a Docker container, start by building the Docker image:
```bash
docker build -t dexray-insight .
```

Once built, you can use Docker to analyze an APK file. Mount a local directory containing the APK file into the container and run the analysis:

```bash
docker run -v /path/to/local/apk/directory:/app/ dexray-insight /app/yourfile.apk

```

So for instance this could be the analysis of the `Sara.apk` using Docker:
```bash
$ unzip -P androidtrainingpassword samples/Sara_androidtrainingpassword.zip                     
Archive:  samples/Sara_androidtrainingpassword.zip
  inflating: Sara.apk

$ docker run -v $(pwd):/app/ dexray-insight /app/Sara.apk
        Dexray Insight
⠀⠀⠀⠀⢀⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣀⣀⣀⣀⡀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠙⢷⣤⣤⣴⣶⣶⣦⣤⣤⡾⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⠾⠛⢉⣉⣉⣉⡉⠛⠷⣦⣄⠀⠀⠀⠀
⠀⠀⠀⠀⠀⣴⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣦⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⠋⣠⣴⣿⣿⣿⣿⣿⡿⣿⣶⣌⠹⣷⡀⠀⠀
⠀⠀⠀⠀⣼⣿⣿⣉⣹⣿⣿⣿⣿⣏⣉⣿⣿⣧⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣼⠁⣴⣿⣿⣿⣿⣿⣿⣿⣿⣆⠉⠻⣧⠘⣷⠀⠀
⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⡇⢰⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⠀⠀⠈⠀⢹⡇⠀
⣠⣄⠀⢠⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠀⣠⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⡇⢸⣿⠛⣿⣿⣿⣿⣿⣿⡿⠃⠀⠀⠀⠀⢸⡇⠀
⣿⣿⡇⢸⣿⣿⣿SanDroid⣿⣿⣿⡇⢸⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⣷⠀⢿⡆⠈⠛⠻⠟⠛⠉⠀⠀⠀⠀⠀⠀⣾⠃⠀
⣿⣿⡇⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⢸⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠸⣧⡀⠻⡄⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣼⠃⠀⠀
⣿⣿⡇⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⢸⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢼⠿⣦⣄⠀⠀⠀⠀⠀⠀⠀⣀⣴⠟⠁⠀⠀⠀
⣿⣿⡇⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⢸⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⣠⣾⣿⣦⠀⠀⠈⠉⠛⠓⠲⠶⠖⠚⠋⠉⠀⠀⠀⠀⠀⠀
⠻⠟⠁⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡇⠈⠻⠟⠀⠀⠀⠀⠀⠀⣠⣾⣿⣿⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠉⠉⣿⣿⣿⡏⠉⠉⢹⣿⣿⣿⠉⠉⠀⠀⠀⠀⠀⠀⠀⠀⣠⣾⣿⣿⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⣿⣿⣿⡇⠀⠀⢸⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⣾⣿⣿⠟⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⣿⣿⣿⡇⠀⠀⢸⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⢀⣄⠈⠛⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠈⠉⠉⠀⠀⠀⠀⠉⠉⠁⠀⠀⠀⠀⠀⠀⠀⠀⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
        version: 0.0.9.0 (OOP Architecture)

apkstaticanalysismonitor.api_invocation_analysis.api_analysis_modulerunning
apkstaticanalysismonitor.signature_detection.signature_detection_modulerunning
Signature detection module running
triage hashcheck failed
{'error': 'NOT_FOUND', 'message': 'No such endpoint'}
apkstaticanalysismonitor.string_analysis.string_analysis_modulerunning
string analysis module running
apkstaticanalysismonitor.manifest_analysis.manifest_analysis_modulerunning
apkstaticanalysismonitor.permission_analysis.permission_analysis_modulerunning
Missing list of Critical Permissions, using default list instead
Results for /app/Sara.apk:
Found these intent Filters:

Found the following (critical) Permissions:
android.permission.READ_CONTACTS
android.permission.ACCESS_FINE_LOCATION
android.permission.CAMERA
android.permission.READ_EXTERNAL_STORAGE
android.permission.READ_SMS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.SYSTEM_ALERT_WINDOW

Signature check results: 
{'koodous': None, 'vt': None, 'triage': None}
found IPs:
found Email adresses:
[]
found Domains:
found URLs:
Activities found:
['com.termuxhackers.id.MainActivity']
Receivers found:

Services found:
['com.termuxhackers.id.MyService']

Thx for using Dexray Insight and have a great day!
$   
```


## Usage

### Basic Analysis
To run Dexray Insight directly from the command line, use the following command:

```bash
dexray-insight <path_to_apk>
```

### Advanced Options

**Enable debug logging:**
```bash
dexray-insight <path_to_apk> -d DEBUG
```

**Enable verbose output (full JSON results):**
```bash
dexray-insight <path_to_apk> -v
```

**Enable signature checking:**
```bash
dexray-insight <path_to_apk> -sig
```

**Enable OWASP Top 10 security analysis:**
```bash
dexray-insight <path_to_apk> -s
```

**APK diffing analysis:**
```bash
dexray-insight <path_to_apk> --diffing_apk <second_apk>
```

**Exclude specific .NET libraries:**
```bash
dexray-insight <path_to_apk> --exclude_net_libs <path_to_exclusion_file>
```

**Using custom configuration file:**
```bash
dexray-insight <path_to_apk> -c <config_file>
```

### Sample Output

When you run `dexray-insight <apk_file>`, you'll see an analyst-friendly summary like this:

```
📱 DEXRAY INSIGHT ANALYSIS SUMMARY
================================================================================

📋 APK INFORMATION
----------------------------------------
App Name: System Application
Package: net.example.app
Main Activity: com.example.MainActivity
Version: 1.0
File Size: 160273
MD5: 5f81d45ceae3441e...

🔐 PERMISSIONS (25 total)
----------------------------------------
⚠️  Critical Permissions:
   • android.permission.RECEIVE_SMS
   • android.permission.READ_PHONE_STATE
   • android.permission.SEND_SMS
   ... and 2 more critical permissions
ℹ️  Other Permissions: 20 (see full JSON for details)

🔍 STRING ANALYSIS (URLs: 3, Domains: 13)
----------------------------------------
🌐 IP Addresses: 2
   • 192.168.1.1
   • 10.0.0.1
🏠 Domains: 13
   • example.com
   • google.com
   • facebook.com
   ... and 10 more
🔗 URLs: 3
   • https://api.example.com
   • http://test.org

🔧 COMPILER & APKID ANALYSIS
----------------------------------------
🎯 Primary DEX Compiler: dexlib 2.x
   ⚠️  WARNING: dexlib 2.x detected - APK may be repacked/modified

🛠️  All Compiler(s) Detected:
   • dexlib 2.x ⭐ (Primary DEX)

📦 PACKING ANALYSIS
----------------------------------------
✅ APK does not appear to be packed

🏗️  COMPONENTS
----------------------------------------
Activities: 8
Services: 7
Receivers: 5
```

### Large APK Files
Analyzing large APK files may produce a lot of output. You can pipe the output to `less` for easier scrolling:
```bash
dexray-insight <path_to_apk> | less
```


## Run as Python Package

In addition to using Dexray Insight as a CLI tool, you can import the `dexray_insight` package in your own Python scripts for flexible integration and automated analysis workflows.

```python
from dexray_insight import asam

# Run APK static analysis with modern OOP architecture
results, result_file_name, security_result_file_name = asam.start_apk_static_analysis(
    apk_file_path="<path to APK>",
    do_signature_check=False,  # Enable signature checks (VirusTotal, Koodous, Triage)
    apk_to_diff=None,  # Optional: provide a second APK for diffing analysis
    print_results_to_terminal=False,  # Disable printing results to the terminal
    is_verbose=False,  # Disable verbose output (show analyst summary instead)
    do_sec_analysis=False,  # Enable OWASP Top 10 security assessment
    exclude_net_libs=None  # Optional: path to .NET library exclusion file
)

# Access results object
results.print_results()  # Prints complete JSON results
results.print_analyst_summary()  # Prints analyst-friendly summary

# Get results in different formats
json_output = results.to_json()  # Complete results as JSON string
dict_output = results.to_dict()  # Complete results as dictionary
```

### Results Structure

The results object returned is an instance of the `FullAnalysisResults` class, which provides structured access to all analysis modules:

**Main Fields:**
- `apk_overview`: General APK metadata (file info, components, permissions, certificates)
- `in_depth_analysis`: Detailed analysis results (strings, permissions, signatures, intents)
- `apkid_analysis`: APKID results (compiler detection, packer analysis, obfuscation techniques)
- `kavanoz_analysis`: Kavanoz results (packing detection and unpacking attempts)

**Key Methods:**
- `to_dict() -> Dict[str, Any]`: Returns combined results as dictionary
- `to_json() -> str`: Returns combined results as JSON string
- `print_results()`: Prints complete JSON results to terminal
- `print_analyst_summary()`: Prints analyst-friendly summary with key findings
- `update_from_dict(updates: Dict[str, Any])`: Updates specific fields from dictionary

### Output Files

Analysis generates timestamped JSON files with comprehensive results:
- **Main results**: `dexray_{apk_name}_{timestamp}.json`
- **Security assessment** (if enabled): Additional security-focused results

### Example Results Access

```python
# Access specific analysis results
emails = results.in_depth_analysis.strings_emails
domains = results.in_depth_analysis.strings_domain
compiler = results.apkid_analysis.files[0].matches.get('compiler', [])
permissions = results.apk_overview.permissions

# Check analysis status
if results.apkid_analysis.apkid_version:
    print(f"APKID version: {results.apkid_analysis.apkid_version}")
```

## Development and Installation

### Development Installation

For development and making changes to the code, install Dexray Insight in editable mode:

```bash
# Install in editable mode for development
python3 -m pip install -e .

# Install dependencies only
python3 -m pip install -r requirements.txt
```

This way local changes in the Python code are reflected without creating a new version of the package.

### Standard Installation

```bash
# Standard installation
python3 -m pip install .
```


## Requirements

### System Requirements
- **Python 3.6+** - Core runtime environment
- **Docker** (optional) - For containerized deployment

### Python Dependencies
Core dependencies are automatically installed via pip:
- `androguard` - Android app analysis library
- `apkid` - Packer and compiler detection
- `kavanoz` - Static unpacking tool
- `loguru` - Advanced logging
- `requests` - HTTP API communications

Install all dependencies:
```bash
python3 -m pip install -r requirements.txt
```

### SSDeep Problem

When installing ssdeep as python package on MacOS with M1 you will likely encounter some issues. If you already installed ssdeep via `brew` normally the following commands should help:  

```
$ brew ls ssdeep
/usr/local/Cellar/ssdeep/2.14.1/bin/ssdeep
/usr/local/Cellar/ssdeep/2.14.1/include/ (2 files)
/usr/local/Cellar/ssdeep/2.14.1/lib/libfuzzy.2.dylib
/usr/local/Cellar/ssdeep/2.14.1/lib/ (2 other files)
/usr/local/Cellar/ssdeep/2.14.1/share/man/man1/ssdeep.1
$ export LDFLAGS="-L/usr/local/Cellar/ssdeep/2.14.1/lib/"
$ export C_INCLUDE_PATH=/usr/local/Cellar/ssdeep/2.14.1/include/
$ python3 -m pip install ssdeep
```

On new versions:
```bash
$ brew ls ssdeep
/usr/local/Cellar/ssdeep/2.14.1/bin/ssdeep
/usr/local/Cellar/ssdeep/2.14.1/include/ (2 files)
/usr/local/Cellar/ssdeep/2.14.1/lib/libfuzzy.2.dylib
/usr/local/Cellar/ssdeep/2.14.1/lib/ (2 other files)
/usr/local/Cellar/ssdeep/2.14.1/share/man/man1/ssdeep.1
$ export LDFLAGS="-L/usr/local/Cellar/ssdeep/2.14.1/lib"
$ export C_INCLUDE_PATH=/opt/homebrew/Cellar/ssdeep/2.14.1/include
$ brew install libtool automake
$ brew --prefix
$ ln -s /usr/local/bin/glibtoolize /usr/local/Homebrew/bin/libtoolize #adjust to the output of brew --prefix
$ BUILD_LIB=1 pip install ssdeep
$ stat libtoolize # if this can't be found you have to fix that
$ ln -s /usr/local/bin/glibtoolize $HOME/bin/libtoolize
$ BUILD_LIB=1 pip install ssdeep
```


More on the following [link](https://stackoverflow.com/questions/75302631/installing-ssdeep-package-from-pypi-on-m1-macbook).

## Projects and Dependencies Used

Dexray Insight builds upon several excellent open-source projects and tools:

### Core Analysis Libraries
- **[Androguard](https://github.com/androguard/androguard)** - Android app analysis library for DEX/APK parsing and manipulation
- **[APKID](https://github.com/rednaga/APKiD)** - Android Application Identifier for packer and compiler detection
- **[Kavanoz](https://github.com/eybisi/kavanoz)** - Static unpacking tool for packed Android malware

### Security Analysis APIs
- **[VirusTotal API](https://www.virustotal.com/)** - Malware detection and analysis service
- **[Koodous API](https://koodous.com/)** - Collaborative platform for Android malware analysis
- **[Triage API](https://tria.ge/)** - Automated malware analysis sandbox

### Python Libraries
- **[loguru](https://github.com/Delgan/loguru)** - Advanced logging for Python
- **[requests](https://github.com/psf/requests)** - HTTP library for API communications
- **[ssdeep](https://github.com/DinoTools/python-ssdeep)** - Fuzzy hashing library for similarity analysis
- **[yara-python](https://github.com/VirusTotal/yara-python)** - Python bindings for YARA pattern matching

### Static Analysis Tools
- **[droidlysis](https://github.com/cryptax/droidlysis)** - Property extractor for Android apps (planned integration)
- **[LibRadar](https://github.com/pkumza/LibRadar)** - Third-party library identification (planned integration)
- **[mariana-trench](https://github.com/facebook/mariana-trench)** - Security-focused static analyzer (planned integration)

### Privacy Analysis Tools
- **[exodus-core](https://github.com/Exodus-Privacy/exodus-core)** - Privacy tracker detection (planned integration)
- **[Pithus](https://beta.pithus.org/)** - Android malware analysis platform (planned integration)

### Development and Build Tools
- **Python 3.6+** - Core runtime environment
- **setuptools** - Package building and distribution
- **Docker** - Containerized deployment support

### Special Thanks
We acknowledge and thank all the maintainers and contributors of these projects for making advanced Android static analysis accessible to the security community.

## Roadmap

- [x] Create the signature based detection module. WIP for triage
- [x] Create the permission module
- [x] Create the string analysis module
- [ ] Create the API invocation module. WIP
- [x] Create the Android manifest analysis module
- [x] Each output should by default be in JSON-format when running as a package. So each module has its own JSON-format
- [ ] Improved Intent Analysis
- [ ] Improve and add documentation to source files (doc strings)
- [ ] Integrate [Androguard](https://github.com/androguard/androguard) as own JSON element
- [ ] Integrate [mariana-trench](https://github.com/facebook/mariana-trench) as own JSON element for Security Analysis
- [ ] Integrate [droidlysis](https://github.com/cryptax/droidlysis/tree/master) as own JSON element to get an detaild overview of the components
- [ ] Integrate [exodus-core](https://github.com/Exodus-Privacy/exodus-core/blob/v1/exodus_core/analysis ) as own JSON element to analyze for privacy tracking issues
- [ ] Integrate [Pithus](https://beta.pithus.org/about/) as own JSON element
- [ ] Improve the string analysis module (e.g. a lot of false positives for domain identification) and add feature for base64 strings
- [ ] Add feature to identify all files inside the apk which has a certain size and likely a packed binary (e.g. high entropy)
- [ ] For the later security analysis this kind of check is useful: https://github.com/Hrishikesh7665/Android-Pentesting-Checklist 
- [x] Static unpacking off common android packed malware.[More](https://github.com/eybisi/kavanoz).
- [ ] Integrate some stuff of the FAME framework. [More](https://github.com/certsocietegenerale/fame).
- [ ] We should fork [LibRadar](https://github.com/pkumza/LibRadar) to identifying 3rd party libs in Android and migrate (and extend) it to python3 (there is already a limited python3 version [here](https://github.com/7homasSutter/LibRadar-Refactoring)). And we should further merge its capabilites with the ones from [apk-anal](https://github.com/mhelwig/apk-anal). Development of this module should be done under [APKInsight on github](https://github.com/fkie-cad/APKInsight).
- [ ] After running ammm we should use its tracked runtime behavior for enabling the detection of malicious activities that may not be evident through static analysis alone. 
- [ ] Maybe integrating something like that https://github.com/struppigel/PortEx
- [ ] The new samples should be analyzed so it gets the same results as https://www.apklab.io/apk.html?download=1&hash=72888975925abd4f55b2dd0c2c17fc68670dd8dee1bae2baabc1de6299e6cc05&tab=dynamic&dynamic=feature-history
- maybe each module should be run in its own thread?

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "dexray-insight",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.8",
    "maintainer_email": null,
    "keywords": "mobile, static analysis, apk, malware, android",
    "author": "Jan-Niclas Hilgert, Jannis Finn Borg-Olivier",
    "author_email": "Daniel Baier <daniel.baier@fkie.fraunhofer.de>",
    "download_url": "https://files.pythonhosted.org/packages/24/50/78ef28d9f0d2d8ec1811ac0bebce2212b8a5d88da82432814bbfe9e02b30/dexray_insight-0.0.9.1.tar.gz",
    "platform": null,
    "description": "<div align=\"center\">\n    <img src=\"assets/logo.png\" alt=\"Dexray Intercept Logo\" width=\"500\"/>\n    <p></p><strong>Android Binary Static Analysis</strong></div></p>\n</div>\n\n# Sandroid - Dexray Insight\n![version](https://img.shields.io/badge/version-0.0.9.0-blue)\n\nDexray Insight is part of the dynamic Sandbox SanDroid. Its purpose is to perform static analysis of Android application files (APK) using a modern OOP architecture. The tool consists of different analysis modules:\n\n## Features\n\n- **Signature Detection Module**: Performs signature-based analysis using VirusTotal, Koodous, and Triage APIs\n- **Permission Analysis Module**: Extracts and filters permissions against critical permission lists\n- **String Analysis Module**: Extracts and categorizes strings (IPs, domains, URLs, email addresses, Android properties)\n- **API Invocation Analysis Module**: Analyzes API calls and reflection usage\n- **Manifest Analysis Module**: Extracts intent filters, activities, services, and receivers from AndroidManifest.xml\n- **APKID Integration**: Detects packers, obfuscation, and anti-analysis techniques\n- **Kavanoz Integration**: Static unpacking of packed Android malware\n- **Security Analysis**: Runtime-specific security checks for DEX and .NET code\n\n\n## Install\n\nYou can install Dexray Insight with pip:\n```bash\npython3 -m pip install dexray-insight\n```\n\nThis installs Dexray Insight as a command-line tool, accessible via the command `dexray-insight`. \nAdditionally, it provides the package `dexray_insight`, which you can use as a library in your code (see the section below on usage as a package).\n\n## Running with Docker\nTo run Dexray Insight in a Docker container, start by building the Docker image:\n```bash\ndocker build -t dexray-insight .\n```\n\nOnce built, you can use Docker to analyze an APK file. Mount a local directory containing the APK file into the container and run the analysis:\n\n```bash\ndocker run -v /path/to/local/apk/directory:/app/ dexray-insight /app/yourfile.apk\n\n```\n\nSo for instance this could be the analysis of the `Sara.apk` using Docker:\n```bash\n$ unzip -P androidtrainingpassword samples/Sara_androidtrainingpassword.zip                     \nArchive:  samples/Sara_androidtrainingpassword.zip\n  inflating: Sara.apk\n\n$ docker run -v $(pwd):/app/ dexray-insight /app/Sara.apk\n        Dexray Insight\n\u2800\u2800\u2800\u2800\u2880\u28c0\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28c0\u2840\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2880\u28c0\u28c0\u28c0\u28c0\u28c0\u2840\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2800\u2819\u28b7\u28e4\u28e4\u28f4\u28f6\u28f6\u28e6\u28e4\u28e4\u287e\u280b\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2880\u28f4\u283e\u281b\u2889\u28c9\u28c9\u28c9\u2849\u281b\u2837\u28e6\u28c4\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2800\u28f4\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28e6\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2880\u28f4\u280b\u28e0\u28f4\u28ff\u28ff\u28ff\u28ff\u28ff\u287f\u28ff\u28f6\u28cc\u2839\u28f7\u2840\u2800\u2800\n\u2800\u2800\u2800\u2800\u28fc\u28ff\u28ff\u28c9\u28f9\u28ff\u28ff\u28ff\u28ff\u28cf\u28c9\u28ff\u28ff\u28e7\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28fc\u2801\u28f4\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28c6\u2809\u283b\u28e7\u2818\u28f7\u2800\u2800\n\u2800\u2800\u2800\u28b8\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2847\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28b0\u2847\u28b0\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u287f\u2800\u2800\u2808\u2800\u28b9\u2847\u2800\n\u28e0\u28c4\u2800\u28a0\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2800\u28e0\u28c4\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28b8\u2847\u28b8\u28ff\u281b\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u287f\u2803\u2800\u2800\u2800\u2800\u28b8\u2847\u2800\n\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u28ffSanDroid\u28ff\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2808\u28f7\u2800\u28bf\u2846\u2808\u281b\u283b\u281f\u281b\u2809\u2800\u2800\u2800\u2800\u2800\u2800\u28fe\u2803\u2800\n\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2838\u28e7\u2840\u283b\u2844\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2880\u28fc\u2803\u2800\u2800\n\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28bc\u283f\u28e6\u28c4\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28c0\u28f4\u281f\u2801\u2800\u2800\u2800\n\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2847\u28b8\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28e0\u28fe\u28ff\u28e6\u2800\u2800\u2808\u2809\u281b\u2813\u2832\u2836\u2816\u281a\u280b\u2809\u2800\u2800\u2800\u2800\u2800\u2800\n\u283b\u281f\u2801\u28b8\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2847\u2808\u283b\u281f\u2800\u2800\u2800\u2800\u2800\u2800\u28e0\u28fe\u28ff\u28ff\u281f\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2809\u2809\u28ff\u28ff\u28ff\u284f\u2809\u2809\u28b9\u28ff\u28ff\u28ff\u2809\u2809\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28e0\u28fe\u28ff\u28ff\u281f\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2800\u2800\u28ff\u28ff\u28ff\u2847\u2800\u2800\u28b8\u28ff\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u28fe\u28ff\u28ff\u281f\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2800\u2800\u28ff\u28ff\u28ff\u2847\u2800\u2800\u28b8\u28ff\u28ff\u28ff\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2880\u28c4\u2808\u281b\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n\u2800\u2800\u2800\u2800\u2800\u2800\u2808\u2809\u2809\u2800\u2800\u2800\u2800\u2809\u2809\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2801\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\u2800\n        version: 0.0.9.0 (OOP Architecture)\n\napkstaticanalysismonitor.api_invocation_analysis.api_analysis_modulerunning\napkstaticanalysismonitor.signature_detection.signature_detection_modulerunning\nSignature detection module running\ntriage hashcheck failed\n{'error': 'NOT_FOUND', 'message': 'No such endpoint'}\napkstaticanalysismonitor.string_analysis.string_analysis_modulerunning\nstring analysis module running\napkstaticanalysismonitor.manifest_analysis.manifest_analysis_modulerunning\napkstaticanalysismonitor.permission_analysis.permission_analysis_modulerunning\nMissing list of Critical Permissions, using default list instead\nResults for /app/Sara.apk:\nFound these intent Filters:\n\nFound the following (critical) Permissions:\nandroid.permission.READ_CONTACTS\nandroid.permission.ACCESS_FINE_LOCATION\nandroid.permission.CAMERA\nandroid.permission.READ_EXTERNAL_STORAGE\nandroid.permission.READ_SMS\nandroid.permission.WRITE_EXTERNAL_STORAGE\nandroid.permission.SYSTEM_ALERT_WINDOW\n\nSignature check results: \n{'koodous': None, 'vt': None, 'triage': None}\nfound IPs:\nfound Email adresses:\n[]\nfound Domains:\nfound URLs:\nActivities found:\n['com.termuxhackers.id.MainActivity']\nReceivers found:\n\nServices found:\n['com.termuxhackers.id.MyService']\n\nThx for using Dexray Insight and have a great day!\n$   \n```\n\n\n## Usage\n\n### Basic Analysis\nTo run Dexray Insight directly from the command line, use the following command:\n\n```bash\ndexray-insight <path_to_apk>\n```\n\n### Advanced Options\n\n**Enable debug logging:**\n```bash\ndexray-insight <path_to_apk> -d DEBUG\n```\n\n**Enable verbose output (full JSON results):**\n```bash\ndexray-insight <path_to_apk> -v\n```\n\n**Enable signature checking:**\n```bash\ndexray-insight <path_to_apk> -sig\n```\n\n**Enable OWASP Top 10 security analysis:**\n```bash\ndexray-insight <path_to_apk> -s\n```\n\n**APK diffing analysis:**\n```bash\ndexray-insight <path_to_apk> --diffing_apk <second_apk>\n```\n\n**Exclude specific .NET libraries:**\n```bash\ndexray-insight <path_to_apk> --exclude_net_libs <path_to_exclusion_file>\n```\n\n**Using custom configuration file:**\n```bash\ndexray-insight <path_to_apk> -c <config_file>\n```\n\n### Sample Output\n\nWhen you run `dexray-insight <apk_file>`, you'll see an analyst-friendly summary like this:\n\n```\n\ud83d\udcf1 DEXRAY INSIGHT ANALYSIS SUMMARY\n================================================================================\n\n\ud83d\udccb APK INFORMATION\n----------------------------------------\nApp Name: System Application\nPackage: net.example.app\nMain Activity: com.example.MainActivity\nVersion: 1.0\nFile Size: 160273\nMD5: 5f81d45ceae3441e...\n\n\ud83d\udd10 PERMISSIONS (25 total)\n----------------------------------------\n\u26a0\ufe0f  Critical Permissions:\n   \u2022 android.permission.RECEIVE_SMS\n   \u2022 android.permission.READ_PHONE_STATE\n   \u2022 android.permission.SEND_SMS\n   ... and 2 more critical permissions\n\u2139\ufe0f  Other Permissions: 20 (see full JSON for details)\n\n\ud83d\udd0d STRING ANALYSIS (URLs: 3, Domains: 13)\n----------------------------------------\n\ud83c\udf10 IP Addresses: 2\n   \u2022 192.168.1.1\n   \u2022 10.0.0.1\n\ud83c\udfe0 Domains: 13\n   \u2022 example.com\n   \u2022 google.com\n   \u2022 facebook.com\n   ... and 10 more\n\ud83d\udd17 URLs: 3\n   \u2022 https://api.example.com\n   \u2022 http://test.org\n\n\ud83d\udd27 COMPILER & APKID ANALYSIS\n----------------------------------------\n\ud83c\udfaf Primary DEX Compiler: dexlib 2.x\n   \u26a0\ufe0f  WARNING: dexlib 2.x detected - APK may be repacked/modified\n\n\ud83d\udee0\ufe0f  All Compiler(s) Detected:\n   \u2022 dexlib 2.x \u2b50 (Primary DEX)\n\n\ud83d\udce6 PACKING ANALYSIS\n----------------------------------------\n\u2705 APK does not appear to be packed\n\n\ud83c\udfd7\ufe0f  COMPONENTS\n----------------------------------------\nActivities: 8\nServices: 7\nReceivers: 5\n```\n\n### Large APK Files\nAnalyzing large APK files may produce a lot of output. You can pipe the output to `less` for easier scrolling:\n```bash\ndexray-insight <path_to_apk> | less\n```\n\n\n## Run as Python Package\n\nIn addition to using Dexray Insight as a CLI tool, you can import the `dexray_insight` package in your own Python scripts for flexible integration and automated analysis workflows.\n\n```python\nfrom dexray_insight import asam\n\n# Run APK static analysis with modern OOP architecture\nresults, result_file_name, security_result_file_name = asam.start_apk_static_analysis(\n    apk_file_path=\"<path to APK>\",\n    do_signature_check=False,  # Enable signature checks (VirusTotal, Koodous, Triage)\n    apk_to_diff=None,  # Optional: provide a second APK for diffing analysis\n    print_results_to_terminal=False,  # Disable printing results to the terminal\n    is_verbose=False,  # Disable verbose output (show analyst summary instead)\n    do_sec_analysis=False,  # Enable OWASP Top 10 security assessment\n    exclude_net_libs=None  # Optional: path to .NET library exclusion file\n)\n\n# Access results object\nresults.print_results()  # Prints complete JSON results\nresults.print_analyst_summary()  # Prints analyst-friendly summary\n\n# Get results in different formats\njson_output = results.to_json()  # Complete results as JSON string\ndict_output = results.to_dict()  # Complete results as dictionary\n```\n\n### Results Structure\n\nThe results object returned is an instance of the `FullAnalysisResults` class, which provides structured access to all analysis modules:\n\n**Main Fields:**\n- `apk_overview`: General APK metadata (file info, components, permissions, certificates)\n- `in_depth_analysis`: Detailed analysis results (strings, permissions, signatures, intents)\n- `apkid_analysis`: APKID results (compiler detection, packer analysis, obfuscation techniques)\n- `kavanoz_analysis`: Kavanoz results (packing detection and unpacking attempts)\n\n**Key Methods:**\n- `to_dict() -> Dict[str, Any]`: Returns combined results as dictionary\n- `to_json() -> str`: Returns combined results as JSON string\n- `print_results()`: Prints complete JSON results to terminal\n- `print_analyst_summary()`: Prints analyst-friendly summary with key findings\n- `update_from_dict(updates: Dict[str, Any])`: Updates specific fields from dictionary\n\n### Output Files\n\nAnalysis generates timestamped JSON files with comprehensive results:\n- **Main results**: `dexray_{apk_name}_{timestamp}.json`\n- **Security assessment** (if enabled): Additional security-focused results\n\n### Example Results Access\n\n```python\n# Access specific analysis results\nemails = results.in_depth_analysis.strings_emails\ndomains = results.in_depth_analysis.strings_domain\ncompiler = results.apkid_analysis.files[0].matches.get('compiler', [])\npermissions = results.apk_overview.permissions\n\n# Check analysis status\nif results.apkid_analysis.apkid_version:\n    print(f\"APKID version: {results.apkid_analysis.apkid_version}\")\n```\n\n## Development and Installation\n\n### Development Installation\n\nFor development and making changes to the code, install Dexray Insight in editable mode:\n\n```bash\n# Install in editable mode for development\npython3 -m pip install -e .\n\n# Install dependencies only\npython3 -m pip install -r requirements.txt\n```\n\nThis way local changes in the Python code are reflected without creating a new version of the package.\n\n### Standard Installation\n\n```bash\n# Standard installation\npython3 -m pip install .\n```\n\n\n## Requirements\n\n### System Requirements\n- **Python 3.6+** - Core runtime environment\n- **Docker** (optional) - For containerized deployment\n\n### Python Dependencies\nCore dependencies are automatically installed via pip:\n- `androguard` - Android app analysis library\n- `apkid` - Packer and compiler detection\n- `kavanoz` - Static unpacking tool\n- `loguru` - Advanced logging\n- `requests` - HTTP API communications\n\nInstall all dependencies:\n```bash\npython3 -m pip install -r requirements.txt\n```\n\n### SSDeep Problem\n\nWhen installing ssdeep as python package on MacOS with M1 you will likely encounter some issues. If you already installed ssdeep via `brew` normally the following commands should help:  \n\n```\n$ brew ls ssdeep\n/usr/local/Cellar/ssdeep/2.14.1/bin/ssdeep\n/usr/local/Cellar/ssdeep/2.14.1/include/ (2 files)\n/usr/local/Cellar/ssdeep/2.14.1/lib/libfuzzy.2.dylib\n/usr/local/Cellar/ssdeep/2.14.1/lib/ (2 other files)\n/usr/local/Cellar/ssdeep/2.14.1/share/man/man1/ssdeep.1\n$ export LDFLAGS=\"-L/usr/local/Cellar/ssdeep/2.14.1/lib/\"\n$ export C_INCLUDE_PATH=/usr/local/Cellar/ssdeep/2.14.1/include/\n$ python3 -m pip install ssdeep\n```\n\nOn new versions:\n```bash\n$ brew ls ssdeep\n/usr/local/Cellar/ssdeep/2.14.1/bin/ssdeep\n/usr/local/Cellar/ssdeep/2.14.1/include/ (2 files)\n/usr/local/Cellar/ssdeep/2.14.1/lib/libfuzzy.2.dylib\n/usr/local/Cellar/ssdeep/2.14.1/lib/ (2 other files)\n/usr/local/Cellar/ssdeep/2.14.1/share/man/man1/ssdeep.1\n$ export LDFLAGS=\"-L/usr/local/Cellar/ssdeep/2.14.1/lib\"\n$ export C_INCLUDE_PATH=/opt/homebrew/Cellar/ssdeep/2.14.1/include\n$ brew install libtool automake\n$ brew --prefix\n$ ln -s /usr/local/bin/glibtoolize /usr/local/Homebrew/bin/libtoolize #adjust to the output of brew --prefix\n$ BUILD_LIB=1 pip install ssdeep\n$ stat libtoolize # if this can't be found you have to fix that\n$ ln -s /usr/local/bin/glibtoolize $HOME/bin/libtoolize\n$ BUILD_LIB=1 pip install ssdeep\n```\n\n\nMore on the following [link](https://stackoverflow.com/questions/75302631/installing-ssdeep-package-from-pypi-on-m1-macbook).\n\n## Projects and Dependencies Used\n\nDexray Insight builds upon several excellent open-source projects and tools:\n\n### Core Analysis Libraries\n- **[Androguard](https://github.com/androguard/androguard)** - Android app analysis library for DEX/APK parsing and manipulation\n- **[APKID](https://github.com/rednaga/APKiD)** - Android Application Identifier for packer and compiler detection\n- **[Kavanoz](https://github.com/eybisi/kavanoz)** - Static unpacking tool for packed Android malware\n\n### Security Analysis APIs\n- **[VirusTotal API](https://www.virustotal.com/)** - Malware detection and analysis service\n- **[Koodous API](https://koodous.com/)** - Collaborative platform for Android malware analysis\n- **[Triage API](https://tria.ge/)** - Automated malware analysis sandbox\n\n### Python Libraries\n- **[loguru](https://github.com/Delgan/loguru)** - Advanced logging for Python\n- **[requests](https://github.com/psf/requests)** - HTTP library for API communications\n- **[ssdeep](https://github.com/DinoTools/python-ssdeep)** - Fuzzy hashing library for similarity analysis\n- **[yara-python](https://github.com/VirusTotal/yara-python)** - Python bindings for YARA pattern matching\n\n### Static Analysis Tools\n- **[droidlysis](https://github.com/cryptax/droidlysis)** - Property extractor for Android apps (planned integration)\n- **[LibRadar](https://github.com/pkumza/LibRadar)** - Third-party library identification (planned integration)\n- **[mariana-trench](https://github.com/facebook/mariana-trench)** - Security-focused static analyzer (planned integration)\n\n### Privacy Analysis Tools\n- **[exodus-core](https://github.com/Exodus-Privacy/exodus-core)** - Privacy tracker detection (planned integration)\n- **[Pithus](https://beta.pithus.org/)** - Android malware analysis platform (planned integration)\n\n### Development and Build Tools\n- **Python 3.6+** - Core runtime environment\n- **setuptools** - Package building and distribution\n- **Docker** - Containerized deployment support\n\n### Special Thanks\nWe acknowledge and thank all the maintainers and contributors of these projects for making advanced Android static analysis accessible to the security community.\n\n## Roadmap\n\n- [x] Create the signature based detection module. WIP for triage\n- [x] Create the permission module\n- [x] Create the string analysis module\n- [ ] Create the API invocation module. WIP\n- [x] Create the Android manifest analysis module\n- [x] Each output should by default be in JSON-format when running as a package. So each module has its own JSON-format\n- [ ] Improved Intent Analysis\n- [ ] Improve and add documentation to source files (doc strings)\n- [ ] Integrate [Androguard](https://github.com/androguard/androguard) as own JSON element\n- [ ] Integrate [mariana-trench](https://github.com/facebook/mariana-trench) as own JSON element for Security Analysis\n- [ ] Integrate [droidlysis](https://github.com/cryptax/droidlysis/tree/master) as own JSON element to get an detaild overview of the components\n- [ ] Integrate [exodus-core](https://github.com/Exodus-Privacy/exodus-core/blob/v1/exodus_core/analysis ) as own JSON element to analyze for privacy tracking issues\n- [ ] Integrate [Pithus](https://beta.pithus.org/about/) as own JSON element\n- [ ] Improve the string analysis module (e.g. a lot of false positives for domain identification) and add feature for base64 strings\n- [ ] Add feature to identify all files inside the apk which has a certain size and likely a packed binary (e.g. high entropy)\n- [ ] For the later security analysis this kind of check is useful: https://github.com/Hrishikesh7665/Android-Pentesting-Checklist \n- [x] Static unpacking off common android packed malware.[More](https://github.com/eybisi/kavanoz).\n- [ ] Integrate some stuff of the FAME framework. [More](https://github.com/certsocietegenerale/fame).\n- [ ] We should fork [LibRadar](https://github.com/pkumza/LibRadar) to identifying 3rd party libs in Android and migrate (and extend) it to python3 (there is already a limited python3 version [here](https://github.com/7homasSutter/LibRadar-Refactoring)). And we should further merge its capabilites with the ones from [apk-anal](https://github.com/mhelwig/apk-anal). Development of this module should be done under [APKInsight on github](https://github.com/fkie-cad/APKInsight).\n- [ ] After running ammm we should use its tracked runtime behavior for enabling the detection of malicious activities that may not be evident through static analysis alone. \n- [ ] Maybe integrating something like that https://github.com/struppigel/PortEx\n- [ ] The new samples should be analyzed so it gets the same results as https://www.apklab.io/apk.html?download=1&hash=72888975925abd4f55b2dd0c2c17fc68670dd8dee1bae2baabc1de6299e6cc05&tab=dynamic&dynamic=feature-history\n- maybe each module should be run in its own thread?\n",
    "bugtrack_url": null,
    "license": "GPL-3.0",
    "summary": "This project is part of the dynamic Sandbox SanDroid. Its purpose is to do static analysis to grasp a basic understanding of an Android application.",
    "version": "0.0.9.1",
    "project_urls": {
        "Homepage": "https://github.com/fkie-cad/Sandroid_Dexray-Insight",
        "Issues": "https://github.com/fkie-cad/Sandroid_Dexray-Insight/issues",
        "Repository": "https://github.com/fkie-cad/Sandroid_Dexray-Insight"
    },
    "split_keywords": [
        "mobile",
        " static analysis",
        " apk",
        " malware",
        " android"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "b7c0763feef0803bd55b0a6df4a3a7dd5d76eae16b9d8f920276cfc42ffd83b5",
                "md5": "9fa5cfa494f0ff6f9e28a5a78fc69603",
                "sha256": "a1c77299e1e145a4d24fa5b02e8511bd5061e942741efaf9a3131e16c18fae36"
            },
            "downloads": -1,
            "filename": "dexray_insight-0.0.9.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "9fa5cfa494f0ff6f9e28a5a78fc69603",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.8",
            "size": 254454,
            "upload_time": "2025-08-01T12:04:02",
            "upload_time_iso_8601": "2025-08-01T12:04:02.307128Z",
            "url": "https://files.pythonhosted.org/packages/b7/c0/763feef0803bd55b0a6df4a3a7dd5d76eae16b9d8f920276cfc42ffd83b5/dexray_insight-0.0.9.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "245078ef28d9f0d2d8ec1811ac0bebce2212b8a5d88da82432814bbfe9e02b30",
                "md5": "a6ce437f1274bd971ef58f03c3bd5c6a",
                "sha256": "7e351bed87bcc75b608b32a3c6018d755c25d535afce4e92a989a87dd367f77e"
            },
            "downloads": -1,
            "filename": "dexray_insight-0.0.9.1.tar.gz",
            "has_sig": false,
            "md5_digest": "a6ce437f1274bd971ef58f03c3bd5c6a",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8",
            "size": 225471,
            "upload_time": "2025-08-01T12:04:04",
            "upload_time_iso_8601": "2025-08-01T12:04:04.915434Z",
            "url": "https://files.pythonhosted.org/packages/24/50/78ef28d9f0d2d8ec1811ac0bebce2212b8a5d88da82432814bbfe9e02b30/dexray_insight-0.0.9.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-08-01 12:04:04",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "fkie-cad",
    "github_project": "Sandroid_Dexray-Insight",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "lcname": "dexray-insight"
}