Hackers of India

APKDeepLens - Android security insights in full spectrum

By Atul Singh, Deepanshu Gajbhiye on 18 Apr 2024 @ Blackhat : Arsenal

This Tool Demo covers the following tools that the speaker has authored or contributed to:
APKDEEPLENS

Abstract

APKDeepLens is an open-source Python tool for Android app security analysis. It leverages both static and dynamic analysis techniques to identify vulnerabilities. Static analysis examines APK components like permissions and API calls, while dynamic analysis observes real-time behavior. A key feature is “Contextual Vulnerability Mapping,” which assesses vulnerabilities within the code and user flow context. The tool also focuses on extracting sensitive information from the source code, highlighting often overlooked security gaps.

The tool effectively detects vulnerabilities listed in the OWASP Top 10 mobile, emphasizing the most critical security risks to Android applications. Demonstrations of these features will be included. APKDeepLens is equipped to generate comprehensive reports in various formats like HTML, PDF, and JSON, aiding in the transition from detection to remediation.