APKDeepLens - Android security insights in full spectrum

taibeihacker

Moderator

APKDeepLens is a Python-based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration testers, and security researchers to assess the security posture of Android apps.

Features​

APKDeepLens is a Python-based tool that performs various operations on APK files. Its main features include:

APK Analysis - Scans Android application package (APK) files for security vulnerabilities.
OWASP Coverage - Covers the OWASP Top 10 vulnerabilities to ensure a comprehensive security assessment.
Advanced Detection - Uses custom Python code for APK file analysis and vulnerability detection.
Sensitive Information Extraction - Identifies potential security risks by extracting sensitive information from APK files, such as insecure authentication/authorization keys and insecure request protocols.
In-depth Analysis - Detects insecure data storage practices, including data related to the SD card, and highlights the use of insecure request protocols in the code.
Intent Filter Exploits - Pinpoints vulnerabilities by analyzing intent filters extracted from AndroidManifest.xml.
Local File Vulnerability Detection - Safeguards your app by identifying potential mishandling of local file operations.
Report Generation - Generates detailed and easy-to-understand reports for each scanned APK, providing actionable insights for developers.
CI/CD Integration - Designed for easy integration into CI/CD pipelines, enabling automated security testing in development workflows.
User-Friendly Interface - Color-coded terminal output makes it easy to distinguish between different types of findings.
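To illustrate the kind of intent-filter analysis the feature list describes, here is an added example (not APKDeepLens's own code) that flags components in a decoded AndroidManifest.xml which other apps can reach without a permission. The sample manifest, the function name exposed_components and the com.example.demo names are constructed for this example.

```python
import xml.etree.ElementTree as ET

# Namespace prefix ElementTree uses for android:* attributes.
A = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest in decoded (text XML) form.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
 <application>
  <activity android:name=".MainActivity" android:exported="true">
   <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
  </activity>
  <activity android:name=".PayActivity">
   <intent-filter><action android:name="com.example.demo.PAY"/></intent-filter>
  </activity>
  <service android:name=".SyncService" android:exported="true" android:permission="com.example.demo.SYNC"/>
  <receiver android:name=".PushReceiver" android:exported="true">
   <intent-filter><action android:name="com.example.demo.PUSH"/></intent-filter>
  </receiver>
 </application>
</manifest>"""

def exposed_components(manifest_xml):
    """Return (tag, name, actions, reason) for components other apps can reach without a permission."""
    findings = []
    for comp in ET.fromstring(manifest_xml).iter():
        if comp.tag not in COMPONENTS:
            continue
        actions = [a.get(A + "name") for a in comp.findall("intent-filter/action")]
        exported = comp.get(A + "exported")
        # With targetSdk < 31, an intent filter makes a component exported by default.
        implicit = exported is None and comp.find("intent-filter") is not None
        reachable = exported == "true" or implicit
        if not reachable or comp.get(A + "permission") is not None:
            continue
        if "android.intent.action.MAIN" in actions:
            continue  # the launcher entry point is expected to be exported
        reason = "implicitly exported via intent-filter" if implicit else "exported without permission"
        findings.append((comp.tag, comp.get(A + "name"), actions, reason))
    return findings

if __name__ == "__main__":
    for finding in exposed_components(SAMPLE_MANIFEST):
        print(finding)
```

Each finding is a component to review: either set android:exported="false" or protect it with a permission if it must stay reachable.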

Installation​

To use APKDeepLens, you need Python 3.8 or higher installed on your system. You can then install APKDeepLens with the following commands:

For Linux​

git clone https://github.com/d78ui98/APKDeepLens.git
cd APKDeepLens
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
python APKDeepLens.py --help

For Windows​

git clone https://github.com/d78ui98/APKDeepLens.git
cd APKDeepLens
python3 -m venv venv
.\venv\Scripts\activate
pip install -r requirements.txt
python APKDeepLens.py --help

Usage​

To simply scan an APK, use the command below. Specify the APK file with the -apk argument. Once the scan completes, a detailed report is displayed in the console.

python3 APKDeepLens.py -apk file.apk

If you've already extracted the source code and want to provide its path for a faster scan, you can use the command below. Specify the source code of the Android application with the -source argument.

python3 APKDeepLens.py -apk file.apk -source source-code-path

To generate detailed PDF and HTML reports after the scan, pass the -report argument as shown below.

python3 APKDeepLens.py -apk file.apk -report

Contributing​

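We welcome contributions to the APKDeepLens project. If you have a feature request, bug report, or suggestion, please open a new issue here.
For those interested in contributing code, please follow the standard GitHub process. We will review your contributions as soon as possible :)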

Featured at​

Blackhat MEA 2023 - https://Blackhatmea.com/session/apkaleidoscope-android-security-ingights-ingights-unights-full-spectrum-0
Blackhat Asia 2024 - https://www.blackhat.com/asia-24/ar...ghts-ingerity-ingights-in-full-spectrum-37182
 