Static analysis · Android · v3
Ship safer
Ship safer
Android apps.
A static security scanner for .apk files. Real DEX parsing, AXML manifest, signing certificate, entropy-aware secrets. All running in your browser. Nothing leaves the tab.
or drop a file anywhere on the page
100% client-side
No upload, no telemetry
Browser-based, no install
~/Downloads/MyApp.apk
READY
Drop
.apk to scanor click to select · max 1 GB
DEXHeader · Strings · Classes · Methods · Bytecode
ManifestPermissions · Activities · Services · Intent Filters
CertSubject · Issuer · Sig Alg · v1/v2 · Debug · Expiry
SecretsAWS · Stripe · JWT · PEM · Entropy
App Name
package.name
Application
Dangerous Permissions
Trackers & SDKs
URLs found in DEX
Findings
0
Package & SDK
All Permissions 0
Raw AndroidManifest.xml
Components
Signing Certificate
Signature Scheme
Select a file from Quick Access or the tree