Commands
scan-apk
An overview of the APK Scanner "scan-apk" command.
Overview
Scan a single or multiple apk files and check its:
- used libraries
- e.g.: anti-features, proprietary, tracking, etc.
- manifest entries
- e.g.: sensitive flags, intent-filters, permissions, etc.
- signing block
- e.g.: intrusive metadata, hidden payloads, etc.
- signing certificate
- e.g.: deny-listed, leaked, malformed, etc.
apk-scanner scan-apk [<options>] <apk>...
$> apk-scanner database setup --force
Database set up in 1757 ms
$> apk-scanner database setup
WARNING: existing data found, which will be destroyed!
Terminate the application, if this was a mistake!
Waiting for 30 seconds (this can be skipped with using the force option):
30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0
Database set up in 2027 ms
Options
-j, --json
no|yes|pretty
Store the scan result as json file.
- Supported values:
no- Do not store scan output as json file.
Yes- Store scan output as minified json file.
pretty- Store scan output as json file with human-readable formatting.
--json-exclude-defaults / --json-include-defaults
flag
Exclude default values when storing the scan result as json file.
While this may result in smaller json files, the resulting json files may be interpreted differently by consumers.
-o, --output
path
A directory where scan output should be stored. The directory will be created, if it does not already exist.
- Defaults to
output.
--output-subdirectory
flag
Store the scan output in a subdirectory within the output directory.
--output-with-apk
flag
Store the scan output next to the APK file(s) (suffixed with '.json') instead of writing to a file within the specified output directory.
Arguments
apk
file(s)
A single or multiple apk files which should get scanned, e.g.:
/path/to/apk/path/to/first.apk /path/to/second.apk /path/to/third.apk