App Scanner CLI
Find out what the mobile application was developed with.
How it works (steps)
- Step 1 - Download APK
- Step 2 - Decode APK
- Step 3 - Scan decoded APK
🚀 Roadmap
🔨 Frameworks compatibilities
Try to update frameworks following State of JS Mobile
🔍 Scan features
- Android APK scan
- iOS App scan
- Bulk Scan
- Build an intuitive web app
- Scan vulnerabilities
- Scan sensitive data
- Scan security fails
👨🏼💻 Installation
Auto install
If you're on MacOS you can run this command yarn run install:macos
Manual install
- Install firstly gplaydl and login with your Play Store account
- Install Apktool
- Install node_modules with
yarn
Preview
🏄🏼♂️ Run
yarn start
or you can start with following arguments:
yarn start --apkID com.facebook.katana
yarn start --scanListFile ./myAPKsList.txt
CLI Arguments
| parameters | description | required | default value |
|---|---|---|---|
| apkID | Android APK Play Store ID | false | |
| scanListFile | File containing a list of APK IDs | false |
🕵🏼 How to detect Frameworks
1. By detecting typical architecture files (100% reliable)
Example a React Native Android decompiled app always contains an assets/index.android.bundle file.
We've indentified typical framework architectures. Take a look here for more details. Open to new frameworks suggestions.
2. With grep match (50% reliable - not suggested)
Check an example on a command that we run to check react native occurances in app files.
grep -iR "react_native\|react-native\|reactnative" ${apkDecodedPath} | wc -w