loading
loading
Utilities
Decode Android APK files into smali sources and resources.
overview
apktool-decode unpacks an Android APK back into its constituent parts. It disassembles the compiled bytecode into smali, decodes the binary resources and AndroidManifest.xml into readable form, and lays everything out as a folder you can inspect. That turns an opaque app package into a browsable source tree, which is the starting point for mobile static analysis.
Once decoded, the output feeds the rest of a mobile recon pipeline: grep the smali and resources for hardcoded URLs, API keys, and endpoints, read the manifest for exported components and permissions, and pull strings worth testing. You can skip resource or source decoding when you only need one half, and point it at framework files when an app depends on a custom framework.
On Trickest, apktool-decode is a Utilities node that takes an APK file and writes a folder of decoded output. Run it as the first stage of an Android analysis workflow, batch it across a set of APKs, then chain endpoint extractors and secret scanners against the resulting source trees.
use cases
Decode an APK into smali, resources, and a readable manifest so the app's logic, permissions, and components can be reviewed offline.
Produce a source tree that endpoint extractors and secret scanners can grep for hardcoded URLs, API keys, and credentials.
Decode AndroidManifest.xml to inspect exported activities, services, and permissions that define what the app exposes.
Run the node across a set of collected APKs in one workflow, writing a decoded tree per app so a fleet of mobile builds can be reviewed in a single pass.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| apk-file | FILE | · | APK file to decode. |
| no-res | BOOLEAN | --no-res | Do not decode resources. |
| no-src | BOOLEAN | --no-src | Do not decode sources. |
| frame-path | FOLDER | --frame-path | Use framework files located in this folder. |
| frame-tag | STRING | --frame-tag | Use framework files tagged by this tag. |
Showing key inputs. apktool-decode exposes 5 inputs in total.
example
# decode an APK, skip resources, write to a named folderapktool d example.apk --no-res -o example-decodedI: Using Apktool 2.9.3 on example.apkI: Loading resource table...I: Decoding AndroidManifest.xml with resources...I: Loading resource table from file: /root/.local/share/apktool/framework/1.apkI: Regular manifest package...I: Decoding file-resources...I: Decoding values */* XMLs...I: Baksmaling classes.dex...I: Copying assets and libs...guidance
Use apktool-decode as the first step of any Android app review, when you have an APK and need its source tree, resources, and manifest. It only unpacks, so follow it with endpoint extractors like apkurlgrep and secret scanners against the decoded folder.
Extracts endpoints from an APK directly. Run it on the decoded output, or standalone for URLs only.
Decompiles APKs to readable Java rather than smali. Easier to read, when Java reconstruction is the goal.
faq
related
Import, export, and link workflow data with Airtable.
Check a file's values against conditions and exit with a matching code.
Extract all hosted zones from AWS Route53.
Output file lines by batch size, given START_LINE and END_LINE.
Extract a batch range from a file's lines or a folder's files, with parallel processing.
Organize all the community Nuclei templates from across the ecosystem in one place.
An APK feeds apktool-decode, which unpacks it into a source tree that apkurlgrep mines for endpoints before they land as a queryable output.
Facts on this page come from the live Trickest tool library.