Advanced APK analysis tool with intelligent caching, pattern matching, and comprehensive security vulnerability detection
Last updated Jun 12, 2026
87
Stars
13
Forks
0
Issues
0
Stars/day
Attention Score
20
Language breakdown
Go 96.3%
Shell 2.1%
Dockerfile 1.6%
βΈ Files
click to expand
README
apkX - Advanced APK & iOS Analysis Tool
A comprehensive security analysis tool for Android APK and iOS IPA files with advanced pattern matching, vulnerability detection, and cloud storage integration.
π What's New in v4.0.0
- β Cloudflare R2 Integration: Full support for cloud storage with zero local dependencies
- β Dokploy Compatibility: Enhanced Docker configuration for easy deployment on Dokploy
- β iOS Download Improvements: Fixed ipatool issues and enhanced iOS app scanning
- β Configurable Docker Setup: All paths and ports now configurable via environment variables
- β Security Improvements: Environment variable usage instead of hardcoded credentials
- β Simplified Documentation: Clean README with clear tool list and official links
β¨ Features
π Advanced Analysis
- Pattern Matching: 1600+ security patterns for sensitive data detection
- Vulnerability Detection: Built-in Janus vulnerability detection
- Static Analysis: Comprehensive code analysis for both Android and iOS
- MITM Patching: Automatic APK patching for network traffic analysis
π± Multi-Platform Support
- Android APK: Full decompilation and analysis
- iOS IPA: Binary plist parsing and Swift/Objective-C analysis
- XAPK Support: Extended Android package format
βοΈ Storage Options
- Local Storage: Traditional file-based storage
- Cloudflare R2 Storage: Cloud-based storage with zero local dependencies
- Auto-Sync: Automatic synchronization between storage backends
π¨ Modern UI
- Responsive Design: Works on desktop and mobile
- Real-time Updates: Live job status and progress tracking
- Interactive Reports: Rich HTML reports with navigation
- Download Support: Direct download of patched APKs and manifests
π Installation & Quick Start
Option 1: Docker (Recommended)
The easiest way to run apkX is with Docker, which includes all dependencies:# Clone the repository
git clone https://github.com/h0tak88r/apkX.git
cd apkX
Set your Apple ID credentials (for iOS downloads)
export IPATOOL_EMAIL="your-email@example.com"
export IPATOOL_PASSWORD="your-app-specific-password"
export IPATOOLKEYCHAINPASSPHRASE="your-passphrase"
Start with Docker Compose
docker-compose up --build
Access the web interface at: http://localhost:9090
Option 2: Local Installation
For local installation, you need the following tools installed:Required Tools
- Go 1.21+ - Install Go
- Java 17+ - Install Java
- Node.js 18+ - Install Node.js
- apkeep - Install apkeep
- ipatool - Install ipatool
- apk-mitm - Install apk-mitm
Build and Run
# Clone and build
git clone https://github.com/h0tak88r/apkX.git
cd apkX
go mod download
go build -o apkx-web ./cmd/server/main.go
Set environment variables
export IPATOOL_EMAIL="your-email@example.com"
export IPATOOL_PASSWORD="your-app-specific-password"
export IPATOOLKEYCHAINPASSPHRASE="your-passphrase"
Run the server
./apkx-web -addr :9090 -mitm
π Usage
Web Interface
- Open your browser to
http://localhost:9090 - Upload APK/IPA files or download from package managers
- View analysis reports and download patched APKs
- Delete reports using the delete button
API Endpoints
POST /upload- Upload APK/IPA filesPOST /download- Download APKs from package managersPOST /download-ios- Download iOS apps from App StoreGET /api/install/{reportID}- Download patched APKDELETE /api/report/delete/{reportID}- Delete reportGET /api/jobs- List analysis jobs
iOS App Download
For iOS apps, you can use thedownload-ios endpoint:
curl -X POST "http://localhost:9090/download-ios" \
-d "bundleid=com.example.app&iosversion=1.0.0"
Note: iOS downloads require Apple ID authentication. Before using iOS downloads, you need to authenticate ipatool with your Apple ID:
# Run this command interactively to authenticate
docker exec -it apkx-web ipatool auth login
This is a one-time setup that stores your credentials securely in the container's keychain.
Command Line
# Analyze APK
./apkx-web -apk app.apk -output ./reports
Analyze with MITM patching
./apkx-web -apk app.apk -mitm -output ./reports
π§ Configuration
Environment Variables
Required for iOS Downloads
export IPATOOL_EMAIL="your-apple-id@example.com"
export IPATOOL_PASSWORD="your-app-specific-password"
export IPATOOLKEYCHAINPASSPHRASE="your-keychain-passphrase"
Optional Configuration
# Server Configuration
export PORT="9090" # Web server port (default: 9090)
Storage Paths (Docker)
export APKXUPLOADDIR="/app/web-data/uploads"
export APKXREPORTSDIR="/app/web-data/reports"
export APKXDOWNLOADDIR="/app/web-data/downloads"
export APKXPATTERNSPATH="/app/config/regexes.yaml"
Cloudflare R2 Storage (Optional)
export USER2STORAGE="true"
export R2BUCKETNAME="your-bucket-name"
export R2ACCOUNTID="your-account-id"
export R2ACCESSKEY_ID="your-access-key-id"
export R2SECRETKEY="your-secret-key"
export R2PUBLICURL="https://your-custom-domain.com"
Authentication (Optional)
export APKXAUTHENABLED="true"
export APKXAUTHUSERNAME="your-username"
export APKXAUTHPASSWORD="your-secure-password"
export APKX_SESSI
Cloudflare R2 Setup
- Create a Cloudflare R2 bucket
- Generate R2 API tokens with read/write permissions
- Set environment variables or use the setup script
export USER2STORAGE=true
export R2BUCKETNAME="your-bucket-name"
export R2ACCOUNTID="your-account-id"
export R2ACCESSKEY_ID="your-access-key-id"
export R2SECRETKEY="your-secret-key"
export R2PUBLICURL="https://your-custom-domain.com" # Optional
iOS Downloads Setup (Automatic Authentication)
For automatic iOS app downloads, configure Apple ID credentials with an App-Specific Password:Required Environment Variables:
export IPATOOLKEYCHAINPASSPHRASE="your-keychain-passphrase" export IPATOOL_EMAIL="your-apple-id@example.com" export IPATOOL_PASSWORD="your-app-specific-password"
App-Specific Password Setup:
- Go to Apple ID Account Settings
- Sign in with your Apple ID
- In the "Security" section, click "Generate Password" under "App-Specific Passwords"
- Enter a label (e.g., "apkX iOS Downloads")
- Copy the generated password and use it as
IPATOOL_PASSWORD
Authentication Setup
By default, authentication is disabled and the web interface is publicly accessible. To enable authentication:- Enable Authentication: Set
APKXAUTHENABLED=true - Set Credentials: Configure
APKXAUTHUSERNAMEandAPKXAUTHPASSWORD - Session Security: Optionally set
APKXSESSIONSECRETfor session security
- Username:
admin - Password:
admin123
π³ Docker Commands
# Start the application
docker-compose up --build
Start in background
docker-compose up -d --build
View logs
docker-compose logs -f
Stop the application
docker-compose down
Rebuild and start
docker-compose up --build --force-recreate
π§ Troubleshooting
Common Issues
Missing Dependencies
If you get "command not found" errors, install the missing tools:- apkeep: Installation Guide
- ipatool: Installation Guide
- Java: Installation Guide
- Node.js: Installation Guide
iOS Download Authentication
# Authenticate ipatool manually
ipatool auth login --email your-email@example.com
Or set environment variables
export IPATOOL_EMAIL="your-email@example.com"
export IPATOOL_PASSWORD="your-app-specific-password"
export IPATOOLKEYCHAINPASSPHRASE="your-passphrase"
Docker Issues
# Check if config file is mounted
docker exec -it apkx-web ls -la /app/config/
Recreate volumes
docker-compose down -v
docker-compose up --build
Check logs
docker-compose logs -f
Getting Help
- Check the logs:
docker-compose logs -f - Verify dependencies:
docker exec -it apkx-web which apkeep ipatool jadx - Test iOS auth:
docker exec -it apkx-web ipatool auth login
π Analysis Features
Android APK Analysis
- Decompilation: JADX-based APK decompilation
- Manifest Analysis: Permission and component analysis
- Code Analysis: Java/Kotlin source code scanning
- Vulnerability Detection: Security pattern matching
- MITM Patching: Network traffic interception setup
iOS IPA Analysis
- Binary Plist Parsing: Automatic conversion of binary plists
- Swift/Objective-C Analysis: Source code pattern matching
- Bundle Analysis: App metadata and configuration
- Security Scanning: iOS-specific vulnerability patterns
Pattern Categories
- API Keys: AWS, Google, Firebase, etc.
- Authentication: OAuth, JWT, session tokens
- Database: Connection strings, credentials
- Payment: Stripe, PayPal, payment tokens
- Social: Facebook, Twitter, social media keys
- Analytics: Tracking and analytics services
π Security Features
- Sensitive Data Detection: 1600+ patterns for secrets and keys
- Vulnerability Scanning: Built-in security checks
- MITM Support: APK patching for network analysis
- Report Encryption: Secure report generation
- Access Control: Simple HTTP authentication with session management
π Project Structure
apkX/
βββ cmd/
β βββ apkx/ # CLI tool
β βββ server/ # Web server
βββ internal/
β βββ analyzer/ # Analysis engines
β βββ decompiler/ # APK decompilation
β βββ downloader/ # Package downloaders
β βββ reporter/ # Report generation
β βββ storage/ # Storage backends
βββ config/
β βββ regexes.yaml # Security patterns
βββ docker-compose.yml # Docker configuration
βββ Dockerfile # Container definition
βββ apkx.sh # Management script
π€ Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
π License
This project is licensed under the MIT License - see the LICENSE file for details.
π Acknowledgments
- JADX - APK decompilation
- apkeep - APK downloading
- ipatool - iOS app downloading
- apk-mitm - APK patching
π Support
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Documentation: Wiki
Made with β€οΈ for the security community
π More in this category