Automic VaultAutomic Vault

brew

Install apkleaks with Homebrew, Nix

Scanning APK file for URIs, endpoints & secrets. Version 2.6.3 via Homebrew; verified 2026-04-22.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install apkleaks

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#apkleaks

nixpkgs package indexes · pkgs/by-name/ap/apkleaks/package.nix · source: api.github.com

overview

Package summary

Scanning APK file for URIs, endpoints & secrets

Commands and aliases

  • apkleaks

history

Project history and usage

APKLeaks is a Python CLI for scanning APK files for URIs, endpoints, and secrets. It is part Android reverse-engineering helper, part bug-bounty reconnaissance tool, and part regex-based secret scanner.

Project history

The public GitHub repository was created in May 2020. Its README positions the tool around APK scanning and documents installation from PyPI, source, and Docker, with jadx used as the disassembler when available.

The README credits apkurlgrep as an inspiration and acknowledges pattern sources and related tooling such as truffleHogRegexes, LinkFinder, gf patterns, dex2jar, and a standalone APK parser. That makes the project a packaging point for several mobile-reconnaissance ideas rather than a pure APK parser.

Adoption history

The project is distributed through PyPI, Docker, and source installation according to its README. The supplied package metadata also records Homebrew and Nix packages, showing that the tool crossed from Python security circles into general CLI package indexes.

GitHub repository metadata showed more than 6k stars and hundreds of forks at research time, which is unusually high for a narrow APK scanner and reflects adoption in mobile-security and bug-bounty workflows.

How it is used

The common invocation is apkleaks -f path/to/file.apk, with optional output file selection, JSON output, custom pattern JSON via --pattern, and disassembler arguments passed through with --args. If no output path is supplied, the README says it generates a result file automatically.

APKLeaks does not document a fixed user config file. Pattern customization is an explicit per-run path to a JSON rules file, while the default regexes live inside the project repository.

Why package nerds care

APKLeaks is interesting as a small packaged security CLI because it composes other tools and pattern corpora behind a simple command. Package users care less about a library API and more about whether pipx, brew, nix, or Docker can put a scanner in PATH quickly during APK triage.

Its release stream also shows maintenance for platform compatibility, including Python 3.12 and 3.13 support and a move to pyproject.toml in the 2.6.x series.

Timeline

  • 2020: Public dwisiswant0/apkleaks repository created on GitHub.
  • 2021: 2.6.0 release added token and identifier patterns such as GitHub access tokens, Discord bot tokens, JWTs, and CTF flag patterns.
  • 2024: 2.6.2 added Python 3.12 support.
  • 2024: 2.6.3 migrated to pyproject.toml and fixed Python 3.13 compatibility.

Related projects

  • APKLeaks relies on jadx for APK decompilation and credits apkurlgrep, truffleHogRegexes, LinkFinder, gf, dex2jar, and a standalone APK parser as influences or resources.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 2 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
apkleakscliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version2.6.3
manager updated2026-04-22
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/dwisiswant0/apkleaks

install metadata

Package metadata

Package keybrew:apkleaks
Version2.6.3
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/apkleaks
Homepagehttps://github.com/dwisiswant0/apkleaks
Repositoryhttps://github.com/dwisiswant0/apkleaks
Upstream docshttps://github.com/dwisiswant0/apkleaks#readme
LicenseApache-2.0
Source archivehttps://files.pythonhosted.org/packages/1e/e6/203661abe151dbc59096de65d6f0cf392d1aad3acba32f4e9f3f389acad0/apkleaks-2.6.3.tar.gz
Last updated2026-04-22T09:24:28Z
Pulseupdated
Dependenciesjadx, python@3.14
Uses from macOSlibxml2, libxslt
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameapkleaks
Version Scheme0
Revision2
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

apkleaks

nix profile install nixpkgs#apkleaks
  • normalized package name match
  • Matched by: Apkleaks
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/ap/apkleaks/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment