Home Original page

GitHub - APKLab/APKLab: Android Reverse-Engineering Workbench for VS Code

The ultimate Android RE experience right inside your VS Code.

APKLab seamlessly integrates the best open-source tools: Apktool, smali-lsp, Jadx, uber-apk-signer, apk-mitm and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE.

Version Download Installs CI

Telegram Matrix XDA Developers

Features

  • Decode/Edit/Rebuild app resource files
  • Disassemble/Mod/Rebuild an APK to/from Smali
  • Decompile the APK to Java source
  • Excellent Smali language support with smali-lsp — go to definition, find references, hover, call/type hierarchy, code lens, completion, diagnostics
  • Analyze & mod effectively in VS Code with full IDE features
  • Sign & Install the APK after rebuild
  • Generate Frida hooks for any smali methods
  • Inject Frida gadget into APK with automatic main activity patching
  • Initialize git repo in project dir to track changes
  • Apply MITM patch for HTTPS inspection
  • Interactive Malware Analysis Report
  • Support for Apktool-style projects (apktool.yml)
  • Support for Apktool 3.0+ CLI arguments
  • Android resource frameworks management
  • Support for user-provided keystore for APK signing
  • Check for update and install needed tools automatically
  • Supports Linux, Mac and WSL2

Requirements

  • JDK 17+

    Run java -version in your Shell, if not found, download from here.

  • quark-engine >=21.01.6 (optional - for malware analysis)

    Run quark in your Shell, if not found, check official docs.

  • adb (optional)

    Run adb devices in your Shell, if not found, check this guide.

Getting Started

Open APK or Apktool project

  • Open the Command Palette (Ctrl+Shift+P) ➜ APKLab: Open an APK

    decode.gif

  • Or Just open an existing Apktool project folder

Apply MITM patch

  • Right-Click on or inside apktool.yml file ➜ APKLab: Prepare for HTTPS inspection

    mitm.gif

ReBuild and Sign APK

  • Right-Click on or inside apktool.yml file ➜ APKLab: Rebuild the APK

    rebuild.gif

Install APK to device

  • Right-Click on .apk file (in dist directory) ➜ APKLab: Install the APK

    install.gif

Generate Frida Hook

  • Right-Click inside a .method in a .smali file ➜ APKLab: Generate Frida Hook
  • Hook is appended to frida_hooks.ts in the project root

Inject Frida Gadget

  • Right-Click on or inside apktool.yml file ➜ APKLab: Inject Frida Gadget
  • Select the gadget .so file, target architecture, and the main activity is patched automatically

Clean ApkTool frameworks dir

  • Open the Command Palette (Ctrl+Shift+P) ➜ APKLab: Empty ApkTool Framework Dir

Extension Settings

Dependency Paths

  • apklab.apktoolPath: Full Path of apktool.jar. If you want to use a different version of it, change it like:

    "apklab.apktoolPath": "/home/oozer/downloads/apktool_2.4.1.jar"

  • apklab.apkSignerPath: Full Path of uber-apk-signer.jar. If you want to use a different version of it, change it like:

    "apklab.apkSignerPath": "/home/oozer/downloads/uber-apk-signer-1.1.0.jar"

  • apklab.jadxDirPath: Full Path of jadx-x.y.z dir. If you want to use a different version of it, change it like:

    "apklab.jadxDirPath": "/home/oozer/downloads/jadx-1.1.0"

  • apklab.smaliLspPath: Full Path of smali-lsp.jar. If you want to use a different version of it, change it like:

    "apklab.smaliLspPath": "/home/oozer/downloads/smali-lsp.jar"

  • apklab.javaPath: Path to the Java executable (default: java). Change it if Java is not on your PATH:

    "apklab.javaPath": "/usr/lib/jvm/java-17/bin/java"

Keystore configuration

  • apklab.keystorePath: Put the absolute path of your Java keystore(.jks or .keystore) file here.

    "apklab.keystorePath": "/home/oozer/downloads/debug.keystore"

  • apklab.keystorePassword: Put the password of your keystore here.

  • apklab.keyAlias: Put the alias of the used key in the keystore here.

  • apklab.keyPassword: Put the password of the used key in the keystore here.

Additional configuration
  • apklab.initProjectDirAsGit: Initialize project output directory as Git repository.
  • apklab.updateTools: Whether APKLab should check for tools (for apklab, jadx...) update and show a notification.
  • smaliLsp.trace.server: Traces the communication between VS Code and the Smali Language Server (off, messages, verbose).

Known Issues

Please check our Bug tracker for known issues.

Contribution Guide

For bug reports, feature requests or simply discussing an idea, please open an issue here. PRs are always welcome.

Changelog

Credits

Details