Apktag
    apktag similar --apk new.apk

If the tool returns five other APKs with overlapping URL patterns and native libraries, you know you are looking at a rebranded malware family.

To be fair, APKTag is not a disassembler. It won't tell you the logic of the obfuscated C2 callback routine. It doesn't unpack Themida or Alibaba packers. If an app encrypts its strings (as most modern bankers do), APKTag will miss those URLs.
Tools like APKTag represent a shift from analysis to . The hard part of reverse engineering isn't reading assembly anymore (AI assistants are getting good at that). The hard part is knowing what to look at first.
    apktag find --signer 6c9a...f3e2

And instantly get a timeline of every app that developer has ever touched.

Where APKTag shines is automation. Because it is a CLI tool that outputs JSON by default, it fits neatly into malware pipelines.
Or grab the prebuilt binaries for Linux, macOS, and Windows from the GitHub releases page.
Once installed, index your entire archive:

    apktag index ~/Downloads/APKs/ --recursive --db android_archive.db
You can run: