
Extract all apks from an Android device and check for malicious apps

Project description

Snoopdroid is a simple utility to automate the process of extracting installed apps from an Android phone using the [Android Debug Bridge](https://developer.android.com/studio/command-line/adb). Optionally, Snoopdroid can look up the extracted packages on various online services to try to immediately recognize any known malicious apps.


Installation on Debian GNU/Linux

In order to run Snoopdroid on Debian you will need to install the following dependencies:

` apt install python3 python3-pip python3-dev build-essential libssl-dev libffi-dev swig android-sdk-platform-tools `

Make sure to generate your adb keys with:

` adb keygen ~/.android/adbkey `

You can then install Snoopdroid with pip3:

` pip3 install rsa `

` pip3 install snoopdroid `

Installation on Mac

Running Snoopdroid on Mac requires Xcode and [homebrew](https://brew.sh) to be installed.

In order to install adb and other dependencies use:

` brew install openssl swig libusb python3 `

` brew install homebrew/cask/android-platform-tools `

Make sure to generate your adb keys:

` mkdir $HOME/.android `

` adb keygen $HOME/.android/adbkey `

` adb pubkey $HOME/.android/adbkey > $HOME/.android/adbkey.pub `

You can now install Snoopdroid with pip3:

` pip3 install rsa `

` pip3 install snoopdroid `

How to use

In order to use Snoopdroid you need to connect your Android device to your computer. You will then need to [enable USB debugging](https://developer.android.com/studio/debug/dev-options#enable) on the Android device.

If this is the first time you connect to this device, you will need to approve the authentication keys through a prompt that will appear on your Android device.

You can now launch Snoopdroid simply with `snoopdroid`. At each run, Snoopdroid generates a new acquisition folder, containing all the extracted APKs, in the current working directory. You can change the base folder using:

` snoopdroid --storage /path/to/folder `

Optionally, you can decide to enable lookups of the SHA256 hash of all the extracted APKs on [VirusTotal](https://www.virustotal.com) and/or [Koodous](https://www.koodous.com). While these lookups do not provide any conclusive assessment on all of the extracted APKs, they might highlight any known malicious ones.

` snoopdroid --virustotal `

` snoopdroid --koodous `

Or, to launch all available lookups:

` snoopdroid --all `
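The following is an added example, not Snoopdroid's own code. It shows what a SHA256-based lookup operates on, and why a miss is not a clean verdict, by hashing the APKs in a folder and matching them against a local set of known-bad digests. The folder layout, the `known_bad` set and the sample bytes are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large APKs are never loaded whole into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage_acquisition(folder, known_bad):
    """Return {relative apk path: (sha256, verdict)} for every .apk under folder.

    known_bad is a set of lowercase SHA256 hex digests (a local stand-in for
    an online lookup). A miss is reported as "unknown", never as "clean".
    """
    results = {}
    for apk in sorted(Path(folder).rglob("*.apk")):
        digest = sha256_file(apk)
        verdict = "known-malicious" if digest in known_bad else "unknown"
        results[apk.relative_to(folder).as_posix()] = (digest, verdict)
    return results


def demo():
    """Build a constructed acquisition folder (hypothetical layout) and triage it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed sample bytes, not real APKs.
        flagged = b"PK\x03\x04 constructed sample A"
        (root / "com.example.flagged").mkdir()
        (root / "com.example.flagged" / "base.apk").write_bytes(flagged)
        # Same content with one byte appended: a different hash, so a miss.
        (root / "com.example.repacked").mkdir()
        (root / "com.example.repacked" / "base.apk").write_bytes(flagged + b"\x00")
        known_bad = {hashlib.sha256(flagged).hexdigest()}
        return triage_acquisition(root, known_bad)


if __name__ == "__main__":
    for name, (digest, verdict) in demo().items():
        print(f"{verdict:16} {digest}  {name}")
```

An "unknown" result only means the exact file has not been catalogued under that digest; any change to the APK's bytes produces a different SHA256.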
