Skip to content

andpalmier/apkingo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

apkingo

apkingo

Software License GoDoc Card Go Report Card follow on X

apkingo is a utility designed to extract information from an APK file. By analyzing the provided file, apkingo extracts details like package name, target SDK, permissions, metadata, certificate serial, and issuer. Additionally, the tool fetches information about the specified apk from the Play Store and, if valid API keys are provided, from Koodous and VirusTotal. If the file is not available on VirusTotal, apkingo offers the option to upload it.

Installation

You can download apkingo from the releases section or compile it from the source by running:

go install github.com/andpalmier/apkingo/cmd/apkingo@latest

Usage

You can run apkingo with the following flags:

  -apk string (REQUIRED)
        Path to APK file
  -country string
        Country code of the Play Store (default "us")
  -json string
        Path to export analysis in JSON format
  -kapi string
        Koodous API key (you can export it using the env variable KOODOUS_API_KEY)
  -vtapi string
        VirusTotal API key (you can export it using the env variable VT_API_KEY)

Screenshots

apkingo analyzing snapseed:

apkingo

apkingo analyzing an Android malware (I had to cut the screenshot on the permissions section):

apkingo apkingo

Features

Here is the full list of information which apkingo can retrieve:

  • General information: app name, package name, app version, main activity, minimum and target SDK
  • Hashes: md5, sha1 and sha256
  • Permissions
  • Metadata
  • Certificate information: serial, thumbprint, validity, date, expiration date, issuer and subject
  • Play Store information: Play Store url, version, release date, last update date, genre, summary, number of installations, score, developer name, developer ID, developer mail and developer website
  • Koodous info (API key required): Koodous url, Koodous ID, Koodous link to the app icon, size, Koodous tags, trusted (boolean), Koodous rating, corrupted (boolean) and submission date
  • VirusTotal info (API key required): VirusTotal url, apk names, submission date, number of submissions, last analysis date and results, community votes (harmless and malicious), md5 and dhash of icon, providers, receivers, services, interesting strings and permissions that are considered dangerous

3rd party libraries and API documentation