Analyze Android APK files from a browser.
The project is a Flask web app that performs basic static analysis on Android APK files from a browser.
Current features:
The project runs in Docker containers. Make sure you have Docker and docker-compose installed.
Run docker compose to build the images and run the project:
docker-compose -f local.yml up
Or run it as a daemon:
docker-compose -f local.yml up -d
Once the docker images are built and the containers are running, two things must be done:
docker-compose -f local.yml exec flask flask apksneeze compile
docker-compose -f local.yml exec flask flask apksneeze seed
And that’s it.
Now you can visit http://localhost:5000 to use the app.
If you want to clear the DB (excluding string patterns), you can issue a GET request to the path /clear_all
You can modify code on the fly since the code volume is mounted on both the web app and the worker, plus the project is running in debug mode.
Here are some screenshots of running the tool against the InjuredAndroid app developed by B3nac: https://github.com/B3nac/InjuredAndroid. Many thanks to B3nac for this app!
Index page
Dashboard page
Report pages:
Viewing matched yara rules:
View code from a file that matched a yara rule:
Yara rules configuration:
Grep patterns configuration:
The project uses 4 docker containers:
File hashes, APK file sizes, yara rule matches, and grep matches are all stored in a PostgreSQL DB running on one of the docker containers. Also, decompiled files and uploaded APKs are stored in the /storage directory. The more you use this project, the more data you will accumulate. After that you can get creative with that data.
The worker currently uses the same code that the flask app is using; perhaps reducing the code and dependencies will result in a lighter image.
Just in case: I do not recommend running this in production or on sensitive machines for obvious reasons (look at the code, it can easily be abused). Launch it on a lab/test machine, do analysis, close it.
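Because the app runs in debug mode, it matters whether port 5000 is published only on loopback or on every interface of the lab machine, and that depends on the port mapping in local.yml. The script below is an added example, not part of the project's code: it classifies the host binding reported by `docker-compose port` for the `flask` service; the function names and the `--live` switch are hypothetical.

```shell
# Added example: check where the web port of the stack is published on the host.
# File name (local.yml), service (flask) and port (5000) come from the README;
# function names and the --live switch are assumptions made for this example.

# Classify one HOST_IP:PORT binding as printed by `docker-compose port`.
# Prints "loopback", "all-interfaces" or "specific-address".
classify_binding() {
    local binding="$1" host
    host="${binding%:*}"      # drop the trailing :PORT
    host="${host#\[}"         # drop IPv6 brackets if present
    host="${host%\]}"
    case "$host" in
        127.*|::1|localhost) echo "loopback" ;;
        0.0.0.0|::|"")       echo "all-interfaces" ;;
        *)                   echo "specific-address" ;;
    esac
}

# Read bindings from stdin, one per line, and report each one.
# Returns 0 only if every binding is loopback-only.
audit_bindings() {
    local line verdict rc=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        verdict="$(classify_binding "$line")"
        echo "$line -> $verdict"
        [ "$verdict" = "loopback" ] || rc=1
    done
    return "$rc"
}

# Query the running stack only when asked, so the functions can be sourced
# or tested on a machine without Docker.
if [ "${1:-}" = "--live" ]; then
    if docker-compose -f local.yml port flask 5000 | audit_bindings; then
        echo "OK: flask:5000 is reachable from this host only"
    else
        echo "WARNING: flask:5000 is reachable from other hosts while debug mode is on"
    fi
fi
```

If the check warns, prefixing the host side of the mapping with 127.0.0.1 in the compose file restricts the published port to the local machine.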
Usage of APKSneeze Lab for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.