A powerful static analysis tool that uses AI to scan Android APK files for security vulnerabilities and potential issues. The scanner decompiles APK files and analyzes the source code, manifest, and resource files using AI models.
- Features
- Prerequisites
- Installation
- Usage
- Project Structure
- Configuration
- Output Format
- Supported AI Models
- Security Analysis Coverage
- Error Handling
- Performance
- Contributing
- License
- Acknowledgments
## Features

- APK decompilation using JADX
- Multi-threaded file analysis
- Support for multiple AI models (currently supports GENEAI)
- Comprehensive security vulnerability scanning
- HTML and Markdown report generation
- Cross-platform compatibility (Windows/Linux)
- Interactive report browsing through the generated index.html
## Prerequisites

- Python 3.8 or higher
- JADX decompiler
- Required Python packages (see requirements.txt)
- Valid API key for supported AI models
## Installation

- Clone the repository:

  ```bash
  git clone <repository-url>
  cd android-scanner-ai
  ```

- Install the required Python packages:

  ```bash
  pip install -r requirements.txt
  ```

- Set up JADX:
  - Windows: ensure `jadx.bat` is in the `jadx/bin` directory
  - Linux: ensure `jadx` in the `jadx/bin` directory is executable:

    ```bash
    chmod +x jadx/bin/jadx
    ```

- Configure API keys in `config.py`:
  - Obtain your API key from Google AI Studio and add it to the `config.py` file.

- Configure models in `config.py`:
  - Choose a Gemini model from the list of available Gemini models and configure it in the `config.py` file.
## Usage

Run the scanner using the following command:

```bash
python run.py --apk-path <path_to_apk> \
    --out-dir <output_directory> \
    --target-package <package_name> \
    --model-name <AI_model> \
    --report <report_directory> \
    --threads <number_of_threads>
```

- `--apk-path`: Path to the APK file to analyze
- `--out-dir`: Directory where decompiled files will be saved
- `--target-package`: Package name to analyze (e.g., `com.example.app`)
- `--model-name`: AI model to use (e.g., `GENEAI`, `OPENAI`)
- `--report`: Directory where analysis reports will be saved
- `--threads`: Number of concurrent analysis threads (1-10, default: 1)
## Project Structure

```text
android-scanner-ai/
├── run.py                     # Main entry point
├── config.py                  # Configuration and API keys
├── requirements.txt           # Python dependencies
├── jadx/                      # JADX decompiler
│   └── bin/
│       ├── jadx               # Linux executable
│       └── jadx.bat           # Windows executable
├── models/
│   └── genai_model.py         # AI model integration
└── utils/
    ├── extract_apk_helpers.py # APK extraction utilities
    └── html_helpers.py        # Report generation utilities
```
## Configuration

Edit `config.py` to configure:

- AI model API keys:

  ```python
  api_keys = {
      "GENEAI": "your-api-key-here"
  }
  ```

- Available models:

  ```python
  Models = {
      "GENEAI": {
          "gemini-2.0-flash": "gemini-2.0-flash"
      }
  }
  ```

- Analysis instructions and rules
## Output Format

The scanner generates two types of reports for each analyzed file:

- Markdown report (`.md`):

  ```markdown
  ## Vulnerability: [Title]
  **Severity**: [Low/Medium/High]
  **CWE ID**: [ID]
  **Description**: [Details]
  **Code Example**: [Relevant Code]
  **Recommendation**: [Fix Suggestions]
  **References**: [Links]
  ```

- HTML report:
  - Interactive web-based report
  - Organized by package structure
  - Linked through index.html
## Supported AI Models

Currently supported AI models:

- Google Gemini AI (GENEAI)
  - Model: gemini-2.0-flash
## Security Analysis Coverage

The scanner analyzes:

- Java source files:
  - Security vulnerabilities
  - Code weaknesses
  - Best practice violations
- AndroidManifest.xml:
  - Permission issues
  - Component exposure
  - Security configurations
- strings.xml:
  - Hardcoded credentials
  - Sensitive data
  - Configuration issues
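To make two of the manifest and strings.xml coverage items above concrete, here is an added example (not part of android-scanner-ai, and deterministic rather than AI-driven) that flags exported components with no `android:permission` gate and string resources whose name hints at a credential and whose value looks like an opaque key. The manifest and strings.xml inputs are constructed for the example.

```python
# Added example, not the project's code: a deterministic check for exported components
# lacking a permission in AndroidManifest.xml and key-like literals in strings.xml.
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "service", "receiver", "provider")
SECRET_NAME_HINT = re.compile(r"key|secret|token|passw", re.I)
SECRET_VALUE_SHAPE = re.compile(r"[A-Za-z0-9_\-]{16,}")  # opaque key-like literal

def exported_without_permission(manifest_xml):
    """Names of components other apps can reach with no android:permission set.
    Exported means android:exported="true", or an <intent-filter> with exported unset."""
    findings = []
    for el in ET.fromstring(manifest_xml).find("application"):
        if el.tag not in COMPONENTS:
            continue
        exported = el.get(ANDROID_NS + "exported")
        implied = exported is None and el.find("intent-filter") is not None
        if (exported == "true" or implied) and not el.get(ANDROID_NS + "permission"):
            findings.append(el.get(ANDROID_NS + "name"))
    return findings

def hardcoded_secrets(strings_xml):
    """(name, value) pairs where the name hints at a credential and the value looks like a key."""
    hits = []
    for s in ET.fromstring(strings_xml).iter("string"):
        name, value = s.get("name", ""), (s.text or "").strip()
        if SECRET_NAME_HINT.search(name) and SECRET_VALUE_SHAPE.fullmatch(value):
            hits.append((name, value))
    return hits

# Constructed sample inputs (not taken from any real APK).
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <application>
    <activity android:name=".MainActivity"><intent-filter>
      <action android:name="android.intent.action.MAIN"/></intent-filter></activity>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".BootReceiver" android:exported="true" android:permission="com.example.PERM"/>
    <provider android:name=".DataProvider" android:exported="false"/>
  </application>
</manifest>"""
STRINGS = """<resources>
  <string name="app_name">Example</string>
  <string name="api_key">AKIAEXAMPLE0123456789</string>
  <string name="token_endpoint">https://api.example.com/token</string>
</resources>"""

if __name__ == "__main__":
    print(exported_without_permission(MANIFEST))  # ['.MainActivity', '.SyncService']
    print(hardcoded_secrets(STRINGS))             # [('api_key', 'AKIAEXAMPLE0123456789')]
```

The launcher activity is an expected hit, so the output is a triage list rather than a verdict; `token_endpoint` is skipped because a URL does not match the key-like value shape.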
## Error Handling

The scanner includes robust error handling for:

- Invalid APK files
- Missing JADX executable
- AI model errors
- File system issues
- Threading problems
## Performance

- Multi-threaded analysis (up to 10 threads)
- Concurrent file processing
- Efficient report generation
- Optimized for large APKs
## Acknowledgments

- JADX decompiler
- Google Gemini AI