=====================================================
__ __ __
_ __ __ /\ \/ \ /\ \__
/\` __\ / ,.`\ \ \ < \ \ ,_\
\ \ \/ /\ __/ \ \ ^ \ \ \ \/
\ \_\ \ \____\ \ \_\ \_\ \ \ \_
\/_/ \/____/ \/_/\/_/ \ \__\
\/__/
=====================================================
How to get rekt:
Pull the image and bindmount a volume scan containing the APK:
$ docker pull @thibmaek/rekt
$ docker run -it --rm -v $(pwd)/scan:/scan @thibmaek/rekt <apk>A typical run of rekt using the cli involves running:
- Decompile - Getting plain readable files
- Probe - Gathering info about the decompiled app
- Break - Finding secrets and credential files
Given an APK com.my_app.apk you'd get the results like this:
$ rekt decompile -apk=./com.my_app.apk
$ rekt probe -outputDir=./scan/com_my_app
$ rekt break -outputDir-./scan/com_my_app$ rekt decompile -apk=./com.my_app.apkOptionally provide an output directory -outputdir. Defaults to ./scan/<bundle_id>
$ rekt decompile -apk=./com.my_app.apk -outputDir=./decompiled_app$ rekt probe -inputDir=./scan/com_my_app$ rekt break -inputDir=./scan/com_my_app# Build Docker & Go
$ make build
# Build only the docker image
$ make build_docker
# Build only the CLI
$ make build_cli- Support for iOS IPA archives
- Gitlab CI support
- Github Actions support
- Azure Devops support