OpenSec Atlas

ApkCheckPack: An Open Source Tool for Application Security | OpenSec Atlas

Application Security

Tool

ApkCheckPack

ApkCheckPack is a comprehensive open-source tool for detecting and analyzing Android app protection (加固) features from over 40 vendors.

View on GitHub

About This Tool

apk加固特征检查工具，汇总收集已知特征和手动收集大家提交的app加固特征，全网最全开源加固特征，支持40个厂商的加固检测，欢迎大家提交无法识别的app

Primary Use Case

This tool is primarily used by security researchers and application security professionals to identify and analyze various Android app hardening and protection mechanisms. It helps users detect app packing, anti-debugging, embedded SDKs, and potential security risks within APK files, aiding in vulnerability assessment and risk management.

Key Features

Detection of app protection features by matching known so library names and paths
Anti-environment checks including root, emulator, and anti-debugging detection in Dex files
Third-party SDK detection via characteristic so library names
Anti-proxy detection through scanning proxy detection class names
Scanning for embedded APKs within APK files
Certificate file scanning by suffix and extraction of certificate information
Hardcoded key leakage scanning within APK contents
Rules and detection data for 40+ protection vendors, updated quarterly

Insights & Recommendations

The tool is intended as an auxiliary aid and may miss new or evolving protection methods; users should not rely solely on it. The signature verification feature is temporarily disabled. The tool supports large APK files up to 500MB by default when scanning hardcoded data. Contributions of new detection rules and unrecognized apps are encouraged to keep the tool updated.

Installation

Download the precompiled executable from the releases page
Place the executable in a desired directory
Run the executable directly from the command line with target APK files or folders

Usage

ApkCheckPack.exe -hardcode true -f test.apk

Run a scan on 'test.apk' enabling full file hardcoded information scanning

Smart Usage Notes

Integrate ApkCheckPack into CI/CD pipelines to automate detection of app hardening and potential vulnerabilities before release.Use ApkCheckPack results to tailor penetration testing strategies focusing on bypassing detected protections and anti-debugging mechanisms.Combine ApkCheckPack with dynamic analysis tools to correlate static protection features with runtime behavior for comprehensive app security assessment.Leverage ApkCheckPack's SDK and certificate detection to identify risky third-party components and outdated certificates that may introduce vulnerabilities.Encourage community contributions to continuously update detection rules, maintaining relevance against evolving app protection techniques.