
<a href="https://github.com/andpalmier/apkingo/blob/main/LICENSE"><img alt="Software License" src="https://img.shields.io/badge/License-Apache%202.0-blue.svg"></a>
<a href="https://godoc.org/github.com/andpalmier/apkingo"><img alt="GoDoc Card" src="https://godoc.org/github.com/andpalmier/apkingo?status.svg"></a>
<a href="https://goreportcard.com/report/github.com/andpalmier/apkingo"><img alt="Go Report Card" src="https://goreportcard.com/badge/github.com/andpalmier/apkingo?style=flat-square"></a>
<a href="https://x.com/intent/follow?screen_name=andpalmier"><img src="https://img.shields.io/twitter/follow/andpalmier?style=social&logo=x" alt="follow on X"></a>
apkingo is an APK analysis tool written in Go. It extracts information from Android applications, such as permissions, metadata, certificate details, version code, supported CPU architectures, and integrates with VirusTotal and Koodous for malware detection.
-locale flag (e.g., -locale zh-CN)-dir flag-no-play-store flag to analyze APKs without internet access (useful in restricted network environments, air-gapped systems, or regions with limited connectivity)Download the pre-compiled binary for your system from the Releases page.
go install github.com/andpalmier/apkingo/cmd/apkingo@latest
brew tap andpalmier/tap
brew install apkingo
You can run apkingo directly using Docker without installing Go or downloading binaries.
# Analyze an APK (mount the directory containing the APK)
docker run --rm -v $(pwd):/mnt ghcr.io/andpalmier/apkingo -apk /mnt/target.apk
# Analyze an XAPK file
docker run --rm -v $(pwd):/mnt ghcr.io/andpalmier/apkingo -apk /mnt/app.xapk
# Analyze all APKs in a directory
docker run --rm -v $(pwd):/mnt ghcr.io/andpalmier/apkingo -dir /mnt
# Analyze and export JSON report
docker run --rm -v $(pwd):/mnt ghcr.io/andpalmier/apkingo -apk /mnt/target.apk -json /mnt/report.json
# Analyze a single APK
apkingo -apk <path_to_apk>
# Analyze an XAPK/APKS file
apkingo -apk <path_to_xapk>
# Analyze all APKs in a directory
apkingo -dir <path_to_directory>
# Analyze with API keys and export JSON
apkingo -apk <path_to_apk> -vtapi <VT_KEY> -kapi <KOODOUS_KEY> -json report.json
Extract the app name in a specific language:
# Default (English or app default)
apkingo -apk target.apk
# Simplified Chinese
apkingo -apk target.apk -locale zh-CN
# Japanese
apkingo -apk target.apk -locale ja
# Combine with Play Store locale for fully localized analysis
apkingo -apk target.apk -country cn -locale zh-CN
For enhanced analysis, you can provide API keys for VirusTotal and Koodous either via command-line flags or environment variables:
Environment Variables (Recommended):
export VT_API_KEY="your_virustotal_api_key"
export KOODOUS_API_KEY="your_koodous_api_key"
apkingo -apk <path_to_apk>
Command-Line Flags:
apkingo -apk <path_to_apk> -vtapi <YOUR_VT_KEY> -kapi <YOUR_KOODOUS_KEY>
| Flag | Description |
|---|---|
-apk |
Path to APK or XAPK file to analyze (required) |
-dir |
Analyze all APKs in a directory |
-json |
Path to export analysis in JSON format |
-country |
Country code of the Play Store (default: "us") |
-locale |
Locale for localized app name extraction (e.g., en, zh-CN) |
-vtapi |
VirusTotal API key (can also use VT_API_KEY env var) |
-kapi |
Koodous API key (can also use KOODOUS_API_KEY env var) |
-no-play-store |
Skip Play Store scraping for offline analysis |
-vtupload |
Upload the APK to VirusTotal after analysis (interactive prompt) |
apkingo -apk <path_to_apk>
apkingo analyzing an Android malware:

$ claude mcp add apkingo \
-- python -m otcore.mcp_server <graph>