Static SDK detection for Android APK files — 5-layer analysis engine
Project description
APK SDK Analyzer
Static third-party SDK detection tool for Android APK files.
Features
- Zero-dependency on decompilers — pure Python static analysis
- 5-layer detection engine: DEX class names · AndroidManifest components · Native
.solibs · META-INF version files · DEX BuildConfig static fields - Structured output: JSON + interactive single-file HTML report
- Extensible signature database: YAML files in
sdk_signatures/— update without recompiling - Cross-platform exe: Windows / macOS / Linux via PyInstaller
Quick Start
# Install
pip install -r requirements.txt
# Run
python src/main.py target.apk
# Output
# target_report.json — structured data
# target_report.html — interactive report (open in browser)
Pre-built Binaries
Download from Releases:
| Platform | File |
|---|---|
| Windows x64 | apk-analyzer-windows-x64.exe |
| macOS ARM64 | apk-analyzer-macos-arm64 |
| Linux x64 | apk-analyzer-linux-x64 |
apk-analyzer.exe target.apk
apk-analyzer.exe target.apk --signatures-dir ./sdk_signatures
apk-analyzer.exe target.apk --categories push,ads --verbose
Detection Methods
| Layer | Method | Coverage |
|---|---|---|
| L1 | DEX class name prefix matching | ~90% of SDKs |
| L2 | AndroidManifest service/receiver/activity | Confirms presence |
| L3 | Native .so library names |
Native SDKs |
| L4 | META-INF .version files |
AndroidX / Google libs |
| L5 | DEX BuildConfig.VERSION_NAME static fields |
Exact versions |
SDK Signature Format
# sdk_signatures/<category>/<id>.yaml
id: xiaomi_mipush
name: 小米推送 MiPush
category: push
vendor: Xiaomi
description: "小米厂商推送通道"
detection:
package_prefixes:
- "com.xiaomi.push"
native_libs:
- "libmipush.so"
manifest_services:
- "com.xiaomi.push.service.XMPushService"
version_extraction:
buildconfig:
class_pattern: "com.xiaomi.push.BuildConfig"
field: "VERSION_NAME"
risk:
permissions:
- "android.permission.RECEIVE_BOOT_COMPLETED"
data_collection:
- "设备标识符"
privacy_risk: low # low / medium / high
notes: "..."
Output JSON Structure
{
"meta": { "tool_version": "1.0.0", "analysis_time": "...", ... },
"apk_info": { "package_name": "com.example.app", "version_name": "1.2.3", ... },
"detected_sdks": [
{
"id": "xiaomi_mipush",
"name": "小米推送 MiPush",
"version": "5.9.6",
"confidence": "high",
"detection_evidence": { "matched_packages": ["com.xiaomi.push"], ... },
"risk": { "privacy_risk": "low", ... }
}
],
"summary": { "total_detected": 46, "by_category": { "push": 5, ... } }
}
Contributing Signatures
Add a YAML file to the appropriate sdk_signatures/<category>/ directory. See existing files for the format. No code changes required.
Build from Source
pip install pyinstaller
pyinstaller apk_analyzer.spec
# Output: dist/apk-analyzer(.exe)
License
MIT
Release Pipeline
Automated release pipeline via GitHub Actions:
PR merge (feature-* or fix-*)
↓ auto-tag.yml
Creates v1.y.z tag
↓ publish.yml
Publishes to PyPI → pip install apk-analyzer
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
apk_analyzer-1.3.0.tar.gz
(19.5 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apk_analyzer-1.3.0.tar.gz.
File metadata
- Download URL: apk_analyzer-1.3.0.tar.gz
- Upload date:
- Size: 19.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.9 {"installer":{"name":"uv","version":"0.10.9","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0e249566eadf571f4d580745e9edfbc87107310e784ec77409b99eed342bbcbb
|
|
| MD5 |
a020f2a000a3dd7590ecf0bab18bb28e
|
|
| BLAKE2b-256 |
b0c6f13d0fab36b0358f29d099b92ec11aeacdb413d636f60b85bb97c1686aff
|
File details
Details for the file apk_analyzer-1.3.0-py3-none-any.whl.
File metadata
- Download URL: apk_analyzer-1.3.0-py3-none-any.whl
- Upload date:
- Size: 19.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.9 {"installer":{"name":"uv","version":"0.10.9","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4265476e9f405799dcf58251b8b67b14949a52262d2af46c99bed740004736e7
|
|
| MD5 |
75c1a8097aa2662971bad4920b3e3b50
|
|
| BLAKE2b-256 |
c2f021bcdc8f42571c2f6100cb178b9cce01c6845880aaa71e9189ce7b5bc7b3
|
