A Model Context Protocol server that exposes Apktool functionality for Android APK analysis and reverse engineering
Project description
Apktool MCP Server
A powerful Model Context Protocol (MCP) server that exposes Apktool functionality for Android APK analysis and reverse engineering. Integrates seamlessly with Gemini CLI to provide AI-powered APK security analysis, privacy auditing, and reverse engineering guidance through natural language commands.
๐ Features
๐ Comprehensive APK Analysis
- Decompile APKs to extract resources, manifest, and smali code
- Analyze permissions and app components for security assessment
- Extract string resources and detect hardcoded secrets
- Search smali code for specific patterns and security vulnerabilities
- Recompile modified APKs after making changes
๐ค AI-Powered Workflows
- Natural language commands for complex APK analysis tasks
- Automated security audits with AI-generated insights
- Privacy compliance checking and GDPR/CCPA analysis
- Step-by-step reverse engineering guidance
- Intelligent vulnerability detection and risk assessment
๐ 8 Core Tools
| Tool | Description |
|---|---|
decode_apk |
Decompile APK files to extract all components |
build_apk |
Recompile APK from modified source directory |
install_framework |
Install system frameworks for system app analysis |
analyze_manifest |
Parse AndroidManifest.xml for permissions and components |
extract_strings |
Extract string resources with locale support |
list_permissions |
Enumerate all requested permissions |
find_smali_references |
Search for patterns in decompiled smali code |
get_apk_info |
Get basic APK metadata and information |
๐ Specialized Analysis Prompts
- Security Analysis: Comprehensive vulnerability assessment
- Privacy Audit: Data collection and compliance analysis
- Reverse Engineering Guide: Step-by-step analysis workflows
๐ฆ Installation
Prerequisites
1. Java JDK 8+ (Required by Apktool)
# Ubuntu/Debian
sudo apt update && sudo apt install default-jdk
# macOS (Homebrew)
brew install openjdk
# Verify installation
java -version
2. Apktool (Core dependency)
# Option 1: Package manager (recommended)
# Ubuntu/Debian
sudo apt install apktool
# macOS
brew install apktool
# Option 2: Manual installation
# Download from https://ibotpeaches.github.io/Apktool/install/
# Verify installation
apktool --version
3. Python 3.10+
python3 --version # Should be 3.10 or higher
Setup Instructions
1. Clone the repository
git clone https://github.com/SecFathy/APktool-MCP.git
cd APktool-MCP
2. Create virtual environment
python3 -m venv venv
source venv/bin/activate # Linux/macOS
# or
venv\Scripts\activate # Windows
3. Install dependencies
pip install -r requirements.txt
4. Test the installation
python3 apktool_server.py
# Should start the MCP server successfully
โ๏ธ Configuration
Gemini CLI Integration
1. Install Gemini CLI
# Follow instructions at https://github.com/google-gemini/gemini-cli
2. Configure MCP Server
Edit your Gemini CLI configuration file:
- Linux/macOS:
~/.config/gemini-cli/config.json - Windows:
%APPDATA%\gemini-cli\config.json
{
"mcpServers": {
"apktool": {
"command": "python3",
"args": ["/absolute/path/to/apktool_server.py"],
"env": {
"APKTOOL_WORK_DIR": "/path/to/workspace"
}
}
}
}
Claude Desktop Integration (Alternative)
Edit Claude Desktop configuration:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json - Linux:
~/.config/Claude/claude_desktop_config.json
{
"mcpServers": {
"apktool": {
"command": "python3",
"args": ["/absolute/path/to/apktool_server.py"],
"env": {
"APKTOOL_WORK_DIR": "/path/to/workspace"
}
}
}
}
๐ฏ Usage Examples
Natural Language Commands
# Start Gemini CLI
gemini
# Security Analysis
> "Analyze the APK at ./suspicious_app.apk for security vulnerabilities"
# Permission Analysis
> "What permissions does ./myapp.apk request and are any of them dangerous?"
# Code Analysis
> "Find any hardcoded API keys or secrets in ./social_app.apk"
# Privacy Audit
> "Generate a privacy compliance report for ./messenger_app.apk"
# Reverse Engineering
> "Help me understand how the authentication works in ./banking_app.apk"
Direct Tool Usage
# Decompile an APK
> Use decode_apk to decompile ./sample.apk
# Analyze permissions
> Use list_permissions on the decompiled directory ./sample
# Search for patterns
> Use find_smali_references to search for "crypto" in ./sample
# Extract strings
> Use extract_strings from ./sample for locale "en"
# Rebuild APK
> Use build_apk to recompile ./sample into ./sample_modified.apk
Guided Workflows
# Run automated security analysis
> Run the security analysis prompt on ./target_app.apk
# Perform privacy audit
> Execute privacy audit workflow for ./social_media_app.apk
# Get reverse engineering guidance
> Use the reverse engineering guide for analyzing login functionality in ./app.apk
๐ Project Structure
apktool-mcp-server/
โโโ apktool_server.py # Main MCP server implementation
โโโ requirements.txt # Python dependencies
โโโ config.json # Example Gemini CLI configuration
โโโ README.md # This file
โโโ GEMINI.md # AI assistant context file
โโโ LICENSE # MIT license
โโโ examples/ # Usage examples and samples
โ โโโ sample_analysis.py # Example analysis scripts
โ โโโ workflows/ # Common workflow examples
โโโ tests/ # Unit tests
โ โโโ test_server.py # Server functionality tests
โ โโโ test_tools.py # Individual tool tests
โโโ docs/ # Additional documentation
โโโ SECURITY.md # Security guidelines
โโโ CONTRIBUTING.md # Contribution guidelines
โโโ TROUBLESHOOTING.md # Common issues and solutions
๐ Security Considerations
โ ๏ธ Important Security Notes
- Legal Compliance: Only analyze APKs you own or have explicit permission to analyze
- Malware Risk: Unknown APKs may contain malicious code - use in isolated environments
- Data Privacy: Decompiled APKs may contain sensitive user information
- Workspace Isolation: Configure dedicated workspace with restricted permissions
- Process Limits: Server includes timeouts to prevent resource exhaustion
Best Practices
# Use dedicated workspace
export APKTOOL_WORK_DIR="/secure/isolated/workspace"
# Set appropriate permissions
chmod 750 /secure/isolated/workspace
# Monitor resource usage
htop # Watch memory and CPU during analysis
# Clean up after analysis
rm -rf /secure/isolated/workspace/*
๐งช Testing
Run Unit Tests
# Install test dependencies
pip install pytest pytest-asyncio
# Run all tests
pytest tests/
# Run with coverage
pytest --cov=apktool_server tests/
Manual Testing
# Test server startup
python3 apktool_server.py
# Test with sample APK
# Download a sample APK and test basic functionality
Integration Testing
# Test Gemini CLI integration
gemini
> /tools # Should list apktool tools
> Use decode_apk to analyze sample.apk
๐ค Contributing
We welcome contributions! Please see CONTRIBUTING.md for details.
Development Setup
# Clone and setup development environment
git clone https://github.com/SecFathy/APktool-MCP.git
cd APktool-MCP
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
pip install -r requirements-dev.txt
# Run tests
pytest
# Format code
black apktool_server.py
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file iflow_mcp_secfathy_apktool_mcp-1.0.0.tar.gz.
File metadata
- Download URL: iflow_mcp_secfathy_apktool_mcp-1.0.0.tar.gz
- Upload date:
- Size: 10.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.28 {"installer":{"name":"uv","version":"0.9.28","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dc176073f476a45d083b45076c4e7a2dba1b737dfc95597943459bffd18871bc
|
|
| MD5 |
af721ec0e8faef92573f87267b7b0e8c
|
|
| BLAKE2b-256 |
3267197d56eba1a4f2083ef94ebd24601cc7d358a3c31d17871593f68286246f
|
File details
Details for the file iflow_mcp_secfathy_apktool_mcp-1.0.0-py3-none-any.whl.
File metadata
- Download URL: iflow_mcp_secfathy_apktool_mcp-1.0.0-py3-none-any.whl
- Upload date:
- Size: 10.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.28 {"installer":{"name":"uv","version":"0.9.28","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Debian GNU/Linux","version":"13","id":"trixie","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dc953d866c758f07b6166faffe87b4e17be3873994f5130e0fb171c2d009a8e7
|
|
| MD5 |
8afa267720c06e823b256a98da389822
|
|
| BLAKE2b-256 |
a17a715932dd656042176d344e1a9b0962b1c7c8eb7d1baeda574075b721ffc8
|
