README.md

App Scanner CLI

Find out what the mobile application was developed with.

• App Scanner CLI
  • How it works (steps)
  • 🚀 Roadmap
    • 🔨 Frameworks compatibilities
    • 🔍 Scan features
  • 👨🏼‍💻 Installation
    • Auto install
    • Manual install
  • Preview
  • 🏄🏼‍♂️ Run
    • CLI Arguments
  • 🕵🏼 How to detect Frameworks
    • 1. By detecting typical architecture files (100% reliable)
    • 2. With grep match (50% reliable - not suggested)

How it works (steps)

• Step 1 - Download APK
• Step 2 - Decode APK
• Step 3 - Scan decoded APK

🚀 Roadmap

🔨 Frameworks compatibilities

Try to update frameworks following State of JS Mobile

• React Native
• Flutter
• Xamarin
• Cordova
• Capacitor
• Ionic

🔍 Scan features

• Android APK scan
• iOS App scan
• Bulk Scan
• Build an intuitive web app
• Scan vulnerabilities
  • Scan sensitive data
  • Scan security fails

👨🏼‍💻 Installation

Auto install

If you're on MacOS you can run this command yarn run install:macos

Manual install

1. Install firstly gplaydl and login with your Play Store account
2. Install Apktool
3. Install node_modules with yarn

Preview

🏄🏼‍♂️ Run

yarn start

or you can start with following arguments:

yarn start --apkID com.facebook.katana

yarn start --scanListFile ./myAPKsList.txt

CLI Arguments

parameters	description	required	default value
apkID	Android APK Play Store ID	false
scanListFile	File containing a list of APK IDs	false

🕵🏼 How to detect Frameworks

1. By detecting typical architecture files (100% reliable)

Example a React Native Android decompiled app always contains an assets/index.android.bundle file.

We've indentified typical framework architectures. Take a look here for more details. Open to new frameworks suggestions.

2. With grep match (50% reliable - not suggested)

Check an example on a command that we run to check react native occurances in app files.

grep -iR "react_native\|react-native\|reactnative" ${apkDecodedPath} | wc -w