apkingo is a utility designed to extract information from an APK file. By analyzing the provided file, apkingo extracts details like package name, target SDK, permissions, metadata, certificate serial, and issuer. Additionally, the tool fetches information about the specified apk from the Play Store and, if valid API keys are provided, from Koodous and VirusTotal. If the file is not available on VirusTotal, apkingo offers the option to upload it.
You can download apkingo from the releases section or compile it from the source by running:
go install github.com/andpalmier/apkingo/cmd/apkingo@latest
You can run apkingo with the following flags:
-apk string (REQUIRED)
Path to APK file
-country string
Country code of the Play Store (default "us")
-json string
Path to export analysis in JSON format
-kapi string
Koodous API key (you can export it using the env variable KOODOUS_API_KEY)
-vtapi string
VirusTotal API key (you can export it using the env variable VT_API_KEY)
apkingo analyzing snapseed:
apkingo analyzing an Android malware (I had to cut the screenshot on the permissions section):
Here is the full list of information which apkingo can retrieve:
- General information: app name, package name, app version, main activity, minimum and target SDK
- Hashes: md5, sha1 and sha256
- Permissions
- Metadata
- Certificate information: serial, thumbprint, validity, date, expiration date, issuer and subject
- Play Store information: Play Store url, version, release date, last update date, genre, summary, number of installations, score, developer name, developer ID, developer mail and developer website
- Koodous info (API key required): Koodous url, Koodous ID, Koodous link to the app icon, size, Koodous tags, trusted (boolean), Koodous rating, corrupted (boolean) and submission date
- VirusTotal info (API key required): VirusTotal url, apk names, submission date, number of submissions, last analysis date and results, community votes (harmless and malicious), md5 and dhash of icon, providers, receivers, services, interesting strings and permissions that are considered dangerous
- shogo81148/androidbinary: GitHub repo and Go reference
- avast/apkverifier: GitHub repo and Go reference
- fatih/color: GitHub repo and Go reference
- n0madic/google-play-scraper: GitHub repo and Go reference
- parnurzeal/gorequest: GitHub repo and Go reference
- VirusTotal/vt-go: GitHub repo and Go reference
- VirusTotal API documentation
- Koodous API documentation