-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added tool Apkleaks (by @appknox) #3052
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this submission! Just a few small suggestions :)
tools/android/MASTG-TOOL-0121.md
Outdated
--- | ||
title: Apkleaks | ||
platform: android | ||
source: https://github.com/dwisiswant0/apkleaks |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
source: https://github.com/dwisiswant0/apkleaks | |
source: https://github.com/dwisiswant0/apkleaks | |
host: | |
- windows | |
- linux | |
- macOS |
tools/android/MASTG-TOOL-0121.md
Outdated
|
||
Apkleaks [https://github.com/dwisiswant0/apkleaks] is an open-source utility designed for static analysis of Android APK files, with a primary focus on identifying sensitive data such as API keys, URLs, AWS S3 buckets, and Firebase URLs. This tool automates the process of string analysis, facilitating the detection of hardcoded secrets and potential security vulnerabilities within Android applications. | ||
|
||
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). This adaptability allows for a customized analysis, thereby increasing its effectiveness in various security testing contexts. The tool integrates smoothly into testing workflows and provides clear, actionable insights to support efficient vulnerability management. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). This adaptability allows for a customized analysis, thereby increasing its effectiveness in various security testing contexts. The tool integrates smoothly into testing workflows and provides clear, actionable insights to support efficient vulnerability management. | |
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). |
Adjectives like "smoothly/clear/actionable/efficient" are very subjective/sales-y. I've removed the second sentence as it doesn't add any value.
tools/android/MASTG-TOOL-0121.md
Outdated
|
||
Apkleaks [https://github.com/dwisiswant0/apkleaks] is an open-source utility designed for static analysis of Android APK files, with a primary focus on identifying sensitive data such as API keys, URLs, AWS S3 buckets, and Firebase URLs. This tool automates the process of string analysis, facilitating the detection of hardcoded secrets and potential security vulnerabilities within Android applications. | ||
|
||
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). This adaptability allows for a customized analysis, thereby increasing its effectiveness in various security testing contexts. The tool integrates smoothly into testing workflows and provides clear, actionable insights to support efficient vulnerability management. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). This adaptability allows for a customized analysis, thereby increasing its effectiveness in various security testing contexts. The tool integrates smoothly into testing workflows and provides clear, actionable insights to support efficient vulnerability management. | |
It offers support for custom regular expression rules, enabling users to specify additional search criteria through a JSON configuration file [regexes.json](https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json). |
Adjectives like "smoothly/clear/actionable/efficient" are very subjective/sales-y. I've removed the second sentence as it doesn't add any value.
@TheDauntless made the requested changes. Please review it |
The next tool ID available is 0125 @TheDauntless |
@cpholguera I updated the file ID |
Closes #2818