APK Hunter is a powerful tool for analyzing Android APK files to identify potential security issues and malicious content. It extracts and analyzes strings, identifies IP addresses, URLs, and suspicious keywords that might indicate malicious behavior.
- Extract readable strings from APK files
- Identify IP addresses
- Find URLs
- Detect suspicious keywords and patterns
- Optional radare2 integration for deeper analysis
- Output in both human-readable text and JSON formats
- Save results to a file
git clone https://github.com/yourusername/apk_hunter.git
cd apk_hunter
pip install -e .- Python 3.7 or higher
stringscommand (usually part of GNU binutils)- radare2 (optional, for additional analysis)
Basic usage:
apk-hunter suspicious.apkSave results to a file:
apk-hunter suspicious.apk -o results.txtGet JSON output:
apk-hunter suspicious.apk -f jsonAPK_FILE: Path to the APK file to analyze-f, --format [text|json]: Output format (default: text)-o, --output FILE: Save results to a file instead of printing to stdout
[+] IP Addresses:
192.168.1.1
10.0.0.1
[+] URLs:
https://malicious.example.com/payload
http://command.example.com/control
[+] Suspicious Keywords:
keylogger.initialize()
inject_payload()
system_command_handler
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.