balyakin/apkscan
apkscan 🛡️


apkscan is a high-performance, evidence-based static analysis tool for Android APKs. Unlike traditional scanners that only flag raw string matches, apkscan performs deep reachability analysis to prove that a vulnerability is actually accessible from the application's entry points.


🚀 Key Features

  • 🧠 Evidence-Based Analysis: Every finding includes a complete call chain from entry point (e.g., Exported Activity, JS Bridge) to sink (vulnerable code/string).
  • 🔍 Reachability Engine: Built-in BFS-based call graph traversal through DEX bytecode.
  • 📱 Comprehensive Manifest Auditing: Deep inspection of AndroidManifest.xml for misconfigurations.
  • 📊 Professional Reporting: Interactive HTML dashboards, SARIF (for GitHub Security Tab), JSON, and high-fidelity Console output.
  • 🛡️ Security Standards: Mapped to CWE and OWASP MASVS (Mobile Application Security Verification Standard).

🛠️ Analysis Rules

apkscan comes with a suite of professional security rules:

| ID | Title | Severity |
|---|---|---|
| unsafe_ssl_error | WebView SSL validation bypass | CRITICAL |
| debuggable_enabled | Production build with debug mode on | CRITICAL |
| exported_no_protection | Unprotected exported components | HIGH |
| cleartext_traffic | Cleartext (HTTP) traffic permitted | HIGH |
| hardcoded_urls | Hardcoded development/test URLs | MEDIUM |
| backup_enabled | ADB backup enabled (data leakage) | MEDIUM |
| signature_metadata | Insecure signature or debug certs | INFO |
| dev_artifacts | Development metadata & env files | LOW |
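The manifest-side rules in the table above, as an added example that is not apkscan's own code: a small auditor over a constructed AndroidManifest.xml that emits findings tagged with the rule ids listed here. The finding shape (id/severity/evidence) and the treatment of a component that has an intent-filter but no explicit `android:exported` as implicitly exported (the pre-Android 12 rule) are assumptions of this example, not apkscan's documented behaviour.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

def _attr(elem, name, default=None):
    # Manifest attributes live in the android: namespace (Clark notation for ElementTree).
    return elem.get(f"{{{ANDROID_NS}}}{name}", default)

def audit_manifest(manifest_xml: str) -> list[dict]:
    """Return findings as {id, severity, evidence}; ids follow the rule table above."""
    app = ET.fromstring(manifest_xml).find("application")
    findings = []
    if app is None:
        return findings
    if _attr(app, "debuggable") == "true":
        findings.append({"id": "debuggable_enabled", "severity": "CRITICAL",
                         "evidence": "application android:debuggable=true"})
    if _attr(app, "usesCleartextTraffic") == "true":
        findings.append({"id": "cleartext_traffic", "severity": "HIGH",
                         "evidence": "application android:usesCleartextTraffic=true"})
    # allowBackup defaults to true when absent, so an absent attribute is a finding too.
    if _attr(app, "allowBackup", "true") == "true":
        findings.append({"id": "backup_enabled", "severity": "MEDIUM",
                         "evidence": f"application android:allowBackup={_attr(app, 'allowBackup', '<absent>')}"})
    for comp in app:
        if comp.tag not in ("activity", "service", "receiver", "provider"):
            continue
        exported = _attr(comp, "exported")
        # Assumption: a component with an intent-filter and no explicit android:exported
        # is implicitly exported (pre-Android 12 rule).
        implicit = exported is None and comp.find("intent-filter") is not None
        guarded = any(_attr(comp, p) for p in ("permission", "readPermission", "writePermission"))
        if (exported == "true" or implicit) and not guarded:
            findings.append({"id": "exported_no_protection", "severity": "HIGH",
                             "evidence": f"{comp.tag} {_attr(comp, 'name')} exported without a permission"})
    return findings

# Constructed sample manifest (not taken from any real app) that trips four rules.
SAMPLE_MANIFEST = f"""<manifest xmlns:android="{ANDROID_NS}" package="com.example.demo">
  <application android:debuggable="true" android:usesCleartextTraffic="true">
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".AdminActivity" android:exported="true"
              android:permission="com.example.demo.ADMIN"/>
    <service android:name=".SyncService" android:exported="false"/>
  </application>
</manifest>"""
```

On the sample, `AdminActivity` is exported but guarded by a permission and `SyncService` is explicitly not exported, so only `MainActivity` is reported under `exported_no_protection`.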

💻 Usage

Quick Scan

apkscan scan app.apk

Advanced Reporting

Generate a professional interactive HTML report:

apkscan scan app.apk --format html --output report.html

Export results for CI/CD integration (SARIF):

apkscan scan app.apk --format sarif --output results.sarif

Filtering Results

# Only show High and Critical findings
apkscan scan app.apk --severity high

# Disable specific rules
apkscan scan app.apk --disable-rule backup_enabled

📦 Installation

Requires Python 3.11+.

git clone https://github.com/apkscan/apkscan.git
cd apkscan
pip install .

📈 Roadmap

  • Data Flow Analysis: Taint tracking for intent extras.
  • Deobfuscation Support: ProGuard/R8 mapping file integration.
  • Advanced JADX Enrichment: Code-level context for complex findings.
  • CI/CD Actions: Official GitHub Action for automated PR scanning.

📜 License

Distributed under the MIT License. See LICENSE for more information.


Built with ❤️ for Security Engineers.