[TOOL] Add APKleaks & Deprecate APKEnum #2818
Comments
|
Maybe we can replace it with the forked and updated version |
|
@cpholguera |
|
Thanks for the suggestion @jeel38. Could you please select 2 widely used apps like WhatsApp and TikTok for example and run both https://github.com/furkanumut/APKLeakData and https://github.com/dwisiswant0/apkleaks on them so we can compare results and know if the tools complement each other or if they do the same, to see which one provides better results? |
|
The apkleaks provides more information when compared to apkleakdata. Apkleaks provides custom regex rules that can be added to the json file https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json To run the tool using these custom rules, use the following command: $ apkleaks -f /path/to/file.apk -p regexed.json -o ~/Documents/apkleaks-results.txt
|
|
Awesome, thank you for checking that @jeel38! Would you like to help us create a MASTG-TOOL file for that? Android tools live here: https://github.com/OWASP/owasp-mastg/tree/master/tools/android You can simply create a file following the same style and structure of the rest. Like To set the number xxxx in the filename please use the next ID available after sorting this table: https://mas.owasp.org/MASTG/tools/ Please also update this mention to https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-0022/ |
|
Sure, Will work on it please assign to me. |
|
It's yours. Thank you @jeel38! |
APKEnum is mentioned a few times in the MASTG, though it's Python 2.7 and doesn't look actively maintained. Let's remove the references from the MASTG and leave a deprecation note.
Add APKleaks as a MASTG-TOOL and replace references and potential examples used.
https://github.com/dwisiswant0/apkleaks/
The text was updated successfully, but these errors were encountered: