{"id":13840872,"url":"https://github.com/Humoud/apksneeze-lab","last_synced_at":"2025-07-11T09:33:50.273Z","repository":{"id":88530164,"uuid":"290216148","full_name":"Humoud/apksneeze-lab","owner":"Humoud","description":"Analyze Android APK files from a browser.","archived":false,"fork":false,"pushed_at":"2020-09-29T18:22:49.000Z","size":2415,"stargazers_count":14,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-08-05T17:26:03.410Z","etag":null,"topics":["analysis","android-reverse-engineering","docker","docker-compose","flask-application","yara-scanner"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Humoud.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-08-25T13:00:18.000Z","updated_at":"2024-01-22T13:12:43.000Z","dependencies_parsed_at":"2023-07-30T01:35:51.360Z","dependency_job_id":null,"html_url":"https://github.com/Humoud/apksneeze-lab","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Humoud%2Fapksneeze-lab","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Humoud%2Fapksneeze-lab/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Humoud%2Fapksneeze-lab/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Humoud%2Fapksneeze-lab/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Humoud","download_url":"https://codeload.github.com/Humoud/apksneeze-lab/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225712785,"owners_count":17512486,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analysis","android-reverse-engineering","docker","docker-compose","flask-application","yara-scanner"],"created_at":"2024-08-04T17:00:58.639Z","updated_at":"2024-11-21T10:30:53.228Z","avatar_url":"https://github.com/Humoud.png","language":"HTML","readme":"# APKSNEEZE Lab v0.1\n\nThe project is a flask web app which allows doing basic static analysis on Android APK files from a browser.\n\nCurrent features:\n1. Decompile apk files with JADX\n2. Zip decompiled files and download them\n3. Scan apk file or decompiled code with Yara\n4. View in browser specific files that matched a yara rule or download them\n4. Grep decompiled files for specific grep patterns\n5. Parse/detect permissions and services in manifest files\n6. Download manifest files\n7. Configure grep patterns and yara rules\n\n## Requirements \u0026 Usage\n\nThe project runs on docker containers. Make sure you have docker and docker-compose installed:\n1. https://docs.docker.com/get-docker/\n2. https://docs.docker.com/compose/install/\n\nRun docker compose to build the images and run the project:\n\n`docker-compose -f local.yml up`\n\nOr run it as daemon:\n\n`docker-compose -f local.yml up -d`\n\nOnce the docker images are built and the containers are running, two things must be done:\n\n1. Compile yara rules:\n\n`docker-compose -f local.yml exec flask flask apksneeze compile`\n\n2. Seed db (populate grep patterns):\n\n`docker-compose -f local.yml exec flask flask apksneeze seed`\n\nAnd that's it.\n\nNow you can visit: `http://localhost:5000` to use the app.\n\nIf you want to clear the DB (excluding string patterns) you can issue a GET request to path: `/clear_all`\n\n## Modifying Code\nYou can modify code on the fly since the code volume is mounted  on both the web app and the worker, plus the project is running in debug mode.\n\n## Screenshots\n\nHere are some screenshot of running the tool against the injured android app developed by B3nac https://github.com/B3nac/InjuredAndroid. Many thanks to B3nac for this app!\n\nIndex page\n\n\n![index page](screenshots/index.png)\n\nDashboard page\n\n![download page](screenshots/dashboard.png)\n\nReport pages:\n\n![report page1](screenshots/report1.png)\n\n![report page2](screenshots/report2.png)\n\nViewing matched yara rules:\n\n![matched yara rules](screenshots/yara_detected.png)\n\nView code from file with matched a yara rule:\n\n![view code](screenshots/yara_show_code.png)\n\nYara rules configuration:\n\n![rule configuration](screenshots/yara_conf.png)\n\nGrep patterns configuration:\n\n![grep patterns](screenshots/grep_conf.png)\n\n## Containers\nThe project uses 4 docker containers:\n1. Alpine python (web app)\n2. Alpine OpenJDK (worker)\n3. Redis\n4. Postgres\n\n## Notes\nFile hashes, apk file sizes, yara rule matches, and grep matches are all stored in a postgresql DB running on one of the docker containers. Also, decompiled files and uploaded apks are stored in the `/storage` directory. The more you use this project, the more data you will accumulate. After that you can get creative with that data.\n\nThe worker currenly uses the same code that the flask app is using, perhaps reducing the code and depedencies will result in a lighter image.\n\n## Disclaimer\nJust in case: I do not recommend running this in production or on sensitive machines for obvious reasons (look at the code, it can easily be abused). Launch it on a lab/test machine, do analysis, close it.\n\nUsage of APKSneeze Lab for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.\n","funding_links":[],"categories":["HTML","HTML (177)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHumoud%2Fapksneeze-lab","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FHumoud%2Fapksneeze-lab","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHumoud%2Fapksneeze-lab/lists"}