APK Analysis
APKTool
sudo apt install -y apktoolapktool d -o decompiled_apk file.apkA good place to start looking for information is in ./decompiled_apk/res/values/strings.xml
grep -ilar passw decompiled_apkRecursively search for passw in the output directory; could also look for API keys, secrets, etc.
grep -ilar 'domain\.tld' decompiled_apkRecursively search for domain names in the output directory
JADX-GUI
sudo apt install -y jd-gui jadxjadx-gui &- File
- Open files...
- Select
.apkfile
- Select
- Open files...
The search function is very handy for finding interesting strings in the source code