### Install APKLeaks from Source Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Clone the repository and install the required dependencies. ```bash $ git clone https://github.com/dwisiswant0/apkleaks $ cd apkleaks/ $ pip3 install -r requirements.txt ``` -------------------------------- ### Install APKLeaks via PyPi Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Standard installation command for the APKLeaks package. ```bash $ pip3 install apkleaks ``` -------------------------------- ### Run APKLeaks from Source Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Clone the repository, install dependencies, and run APKLeaks directly using Python. ```bash # Clone and setup git clone https://github.com/dwisiswant0/apkleaks cd apkleaks/ pip3 install -r requirements.txt # Run from source python3 apkleaks.py -f /path/to/application.apk # Run with all options python3 apkleaks.py -f /path/to/app.apk -o output.json --json -p patterns.json ``` -------------------------------- ### Run APKLeaks Scans Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Execute a scan using the installed package, source code, or Docker container. ```bash $ apkleaks -f ~/path/to/file.apk # from Source $ python3 apkleaks.py -f ~/path/to/file.apk # or with Docker $ docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk ``` -------------------------------- ### Custom Pattern Configuration Example Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Define custom regex patterns for sensitive information detection in JSON format. ```json { "Amazon_AWS_Access_Key_ID": "([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}", "Amazon_AWS_S3_Bucket": [ "//s3-[a-z0-9-]+\.amazonaws\.com/[a-z0-9._-]+", "//s3\.amazonaws\.com/[a-z0-9._-]+", "[a-z0-9.-]+\.s3-[a-z0-9-]\.amazonaws\.com", "[a-z0-9.-]+\.s3\.amazonaws\.com" ], "Google_API_Key": "AIza[0-9A-Za-z\-_]{35}", "Firebase": "[a-z0-9.-]+\.firebaseio\.com", "Generic_API_Key": "[a|A][p|P][i|I][_]?[k|K][e|E][y|Y].*['|"][0-9a-zA-Z]{32,45}['|"]", "Slack_Token": "(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})", "Stripe_API_Key": "sk_live_[0-9a-zA-Z]{24}", "GitHub": "[g|G][i|I][t|T][h|H][u|U][b|B].*['|"][0-9a-zA-Z]{35,40}['|"]", "Private_Key": "-----BEGIN RSA PRIVATE KEY-----", "Custom_Internal_API": "https://internal-api\.company\.com/[a-zA-Z0-9/]+" } ``` -------------------------------- ### Define Custom Scan Patterns Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Example JSON structure for defining custom regex rules for sensitive data detection. ```json // custom-rules.json { "Amazon AWS Access Key ID": "AKIA[0-9A-Z]{16}", // ... } ``` -------------------------------- ### Use Custom Patterns File Command Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Execute an APK scan using a custom patterns file and specify the output file. ```bash # Use custom patterns file apkleaks -f application.apk -p custom-rules.json -o results.txt ``` -------------------------------- ### Run APKLeaks via Docker Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Execute an APK scan using the APKLeaks Docker image, mounting local directories for file access. ```bash # Run scan (mount /tmp for file access) docker run -it --rm -v /tmp:/tmp dwisiswant0/apkleaks:latest -f /tmp/file.apk # Run with custom output location docker run -it --rm \ -v /path/to/apks:/apks \ -v /path/to/output:/output \ dwisiswant0/apkleaks:latest \ -f /apks/application.apk \ -o /output/results.json \ --json # Run with custom patterns docker run -it --rm \ -v /tmp:/tmp \ -v /path/to/patterns:/patterns \ dwisiswant0/apkleaks:latest \ -f /tmp/app.apk \ -p /patterns/custom-rules.json ``` -------------------------------- ### Execute Scan with Custom Rules Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Run a scan using a specific pattern file and output destination. ```bash $ apkleaks -f /path/to/file.apk -p rules.json -o ~/Documents/apkleaks-results.txt ``` -------------------------------- ### Run APKLeaks via Command Line Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Execute scans using text or JSON output formats. ```bash # Text output (default) apkleaks -f app.apk -o results.txt # JSON output apkleaks -f app.apk -o results.json --json ``` -------------------------------- ### Scan with Custom Output File Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Scan an APK file and save the results to a specified text file. ```bash # Scan with custom output file apkleaks -f /path/to/application.apk -o results.txt ``` -------------------------------- ### Basic APK Scan Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Perform a basic scan of an APK file using the default settings. ```bash # Basic scan of an APK file apkleaks -f /path/to/application.apk ``` -------------------------------- ### Configure Disassembler Arguments Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Pass custom arguments to JADX for advanced decompilation control. ```bash # Enable deobfuscation mode apkleaks -f app.apk -a "--deobf" # Set thread count for faster processing apkleaks -f app.apk -a "--threads-count 8" # Enable debug logging apkleaks -f app.apk -a "--log-level DEBUG" # Combined disassembler options apkleaks -f app.apk -a "--deobf --threads-count 5 --log-level WARN" # Skip resources decompilation (faster for code-only analysis) apkleaks -f app.apk -a "--no-res" ``` -------------------------------- ### Pull APKLeaks Docker Image Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Download the latest official Docker image. ```bash $ docker pull dwisiswant0/apkleaks:latest ``` -------------------------------- ### Scan with JSON Output Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Scan an APK file and output the results in JSON format. ```bash # Scan with JSON output format apkleaks -f /path/to/application.apk -o results.json --json ``` -------------------------------- ### Sample JSON Output Structure Source: https://context7.com/dwisiswant0/apkleaks/llms.txt The expected schema for JSON results generated by APKLeaks. ```json { "package": "com.example.app", "results": [ { "name": "Google_API_Key", "matches": [ "AIzaSyDaGmWKa4JsXZ-HjGw7ISLn_3namBGewQe" ] }, { "name": "Firebase", "matches": [ "example-app.firebaseio.com" ] }, { "name": "LinkFinder", "matches": [ "/api/v1/users", "/api/v1/auth/login", "https://api.example.com/data" ] } ] } ``` -------------------------------- ### Scan with Custom Patterns Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Scan an APK file using a custom set of regex patterns defined in a JSON file. ```bash # Scan with custom pattern file apkleaks -f /path/to/application.apk -p custom-rules.json ``` -------------------------------- ### View Detection Patterns Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Display the default regex patterns used for secret detection. ```bash # View default patterns (from source installation) cat config/regexes.json ``` -------------------------------- ### Initialize APKLeaks Programmatically Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Use the APKLeaks class to perform integrity checks, decompilation, and scanning within a Python script. ```python scanner = APKLeaks(args) try: # Check dependencies and validate APK apk_info = scanner.integrity() print(f"Package: {apk_info.package}") print(f"Version: {apk_info.version_name}") # Decompile the APK using JADX scanner.decompile() # Scan for secrets and sensitive information scanner.scanning() finally: # Clean up temporary files and save results scanner.cleanup() print(f"Results saved to: {scanner.output}") ``` -------------------------------- ### Combined Scan Options Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Perform a comprehensive scan using custom patterns, JSON output, and specific disassembler arguments. ```bash # Combined: custom patterns, JSON output, and disassembler args apkleaks -f /path/to/application.apk \ -p custom-rules.json \ -o scan-results.json \ --json \ -a "--deobf --log-level DEBUG" ``` -------------------------------- ### Scan with Custom Disassembler Arguments Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Scan an APK file and pass custom arguments to the JADX disassembler, such as enabling deobfuscation. ```bash # Scan with custom disassembler arguments (e.g., enable deobfuscation) apkleaks -f /path/to/application.apk -a "--deobf --threads-count 5" ``` -------------------------------- ### APKLeaks Python API Usage Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Programmatically use the APKLeaks class by creating an arguments object and initializing the scanner. ```python #!/usr/bin/env python3 from argparse import Namespace from apkleaks.apkleaks import APKLeaks # Create arguments object args = Namespace( file="/path/to/application.apk", output="scan_results.json", json=True, pattern=None, # Use default patterns, or provide path to custom JSON args=None # Disassembler arguments ) ``` -------------------------------- ### Pass Disassembler Arguments Source: https://github.com/dwisiswant0/apkleaks/blob/master/README.md Provide custom arguments to the underlying jadx disassembler. ```bash $ apkleaks -f /path/to/file.apk -a "--deobf --log-level DEBUG" ``` -------------------------------- ### Docker Image Pull Source: https://context7.com/dwisiswant0/apkleaks/llms.txt Pull the latest APKLeaks Docker image from Docker Hub. ```bash # Pull the Docker image docker pull dwisiswant0/apkleaks:latest ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.