=====================================================
__ __ __
_ __ __ /\ \/ \ /\ \__
/\` __\ / ,.`\ \ \ < \ \ ,_\
\ \ \/ /\ __/ \ \ ^ \ \ \ \/
\ \_\ \ \____\ \ \_\ \_\ \ \ \_
\/_/ \/____/ \/_/\/_/ \ \__\
\/__/
=====================================================
How to get rekt:
Pull the image and bind-mount a scan volume containing the APK:
$ docker pull @thibmaek/rekt
$ docker run -it --rm -v $(pwd)/scan:/scan @thibmaek/rekt <apk>
A typical run of rekt using the CLI involves three steps:
- Decompile - Getting plain readable files
- Probe - Gathering info about the decompiled app
- Break - Finding secrets and credential files
Given an APK com.my_app.apk, you'd get the results like this:
$ rekt decompile -apk=./com.my_app.apk
$ rekt probe -outputDir=./scan/com_my_app
$ rekt break -outputDir=./scan/com_my_app
$ rekt decompile -apk=./com.my_app.apk
Optionally provide an output directory with -outputDir. Defaults to ./scan/<bundle_id>
$ rekt decompile -apk=./com.my_app.apk -outputDir=./decompiled_app
$ rekt probe -inputDir=./scan/com_my_app
$ rekt break -inputDir=./scan/com_my_app
# Build Docker & Go
$ make build
# Build only the docker image
$ make build_docker
# Build only the CLI
$ make build_cli
- Support for iOS IPA archives
- GitLab CI support
- GitHub Actions support
- Azure DevOps support