macOS
brew install apkleakslocal Homebrew formula metadata
brew
Scanning APK file for URIs, endpoints & secrets. Version 2.6.3 via Homebrew; verified 2026-04-22.
install
brew install apkleakslocal Homebrew formula metadata
nix profile install nixpkgs#apkleaksnixpkgs package indexes · pkgs/by-name/ap/apkleaks/package.nix · source: api.github.com
overview
Scanning APK file for URIs, endpoints & secrets
history
APKLeaks is a Python CLI for scanning APK files for URIs, endpoints, and secrets. It is part Android reverse-engineering helper, part bug-bounty reconnaissance tool, and part regex-based secret scanner.
The public GitHub repository was created in May 2020. Its README positions the tool around APK scanning and documents installation from PyPI, source, and Docker, with jadx used as the disassembler when available.
The README credits apkurlgrep as an inspiration and acknowledges pattern sources and related tooling such as truffleHogRegexes, LinkFinder, gf patterns, dex2jar, and a standalone APK parser. That makes the project a packaging point for several mobile-reconnaissance ideas rather than a pure APK parser.
The project is distributed through PyPI, Docker, and source installation according to its README. The supplied package metadata also records Homebrew and Nix packages, showing that the tool crossed from Python security circles into general CLI package indexes.
GitHub repository metadata showed more than 6k stars and hundreds of forks at research time, which is unusually high for a narrow APK scanner and reflects adoption in mobile-security and bug-bounty workflows.
The common invocation is apkleaks -f path/to/file.apk, with optional output file selection, JSON output, custom pattern JSON via --pattern, and disassembler arguments passed through with --args. If no output path is supplied, the README says it generates a result file automatically.
APKLeaks does not document a fixed user config file. Pattern customization is an explicit per-run path to a JSON rules file, while the default regexes live inside the project repository.
APKLeaks is interesting as a small packaged security CLI because it composes other tools and pattern corpora behind a simple command. Package users care less about a library API and more about whether pipx, brew, nix, or Docker can put a scanner in PATH quickly during APK triage.
Its release stream also shows maintenance for platform compatibility, including Python 3.12 and 3.13 support and a move to pyproject.toml in the 2.6.x series.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
apkleaks | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/dwisiswant0/apkleaks
install metadata
| Package key | brew:apkleaks |
|---|---|
| Version | 2.6.3 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/apkleaks |
| Homepage | https://github.com/dwisiswant0/apkleaks |
| Repository | https://github.com/dwisiswant0/apkleaks |
| Upstream docs | https://github.com/dwisiswant0/apkleaks#readme |
| License | Apache-2.0 |
| Source archive | https://files.pythonhosted.org/packages/1e/e6/203661abe151dbc59096de65d6f0cf392d1aad3acba32f4e9f3f389acad0/apkleaks-2.6.3.tar.gz |
| Last updated | 2026-04-22T09:24:28Z |
| Pulse | updated |
| Dependencies | jadx, python@3.14 |
| Uses from macOS | libxml2, libxslt |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | apkleaks |
| Version Scheme | 0 |
| Revision | 2 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
apkleaks
nix profile install nixpkgs#apkleakssource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.