Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
- Maintainers
- 1
buildapp
Cross-Platform script used to recompile APK that was decompiled by apktool
That way, you can decompile an application, patch it's smali-source / resources / manifest / libs / ...
And rebuild it into a new apk you may install in your devices
NOTE that you should use this tool for debugging / educational purposes only!
NOTE that you must accept the LICENSE of the tools listed in the requirements section
Installation
Simply run:
pip install buildapp --upgrade && buildapp_fetch_tools
Make sure to have python scripts folder in your path,
And use the correct version of pip for python3
Decompilation process
Use apktool to decompile your application.
Apktool decompilation syntax:
apktool d <apk_path> -o <output_folder>
Patching process
Just change anything you want, native-elfs in /lib folder, smali-code from smali folders, manifest file AndroidManifest.xml, resources, assets and whatever's out there
Recompilation process
Simply use our tool, the syntax is:
buildapp -d <sources_folder> -o <outout_apk>
For additional flags, ran buildapp -h
- apktool build
- Use apktool to rebuild the apk from the sources folder
-
apktool b <sources_folder> -o <output_apk>
- zip-alignment
- apk is implemented as a zip file which should have the correct alignment in order to be installed
- implemented using
zipalign
- obtain keystore
- our tool will use a default keystore if you won't provide one
- you may use
keytoolto generate your own keystores
- apk signing
- our tool will sign the apk using the keystore mentioned above
- implemented using
apksigner
- apk installation
- if asked to, buildapp will install the signed apk on connected adb device (if there's only one)
NOTE that if you won't provide the same keystore as the original app already installed on your device, you may not be able to install the apk you built by this script unless you'll uninstall the original app first. - implemented using
adb
- if asked to, buildapp will install the signed apk on connected adb device (if there's only one)
And that's it! Now you have a new apk, waiting to be installed it on your android devices!
Requirements
The project uses these tools (can be fetched using buildapp_fetch_tools after pip install buildapp):
- android SDK tools (download build_tools, download platform_tools)
- adb (default at SDK\platform_tools, only required if
-iflag is used) - zipalign (default at SDK\build_tools)
- apksigner (default at SDK\build_tools)
- adb (default at SDK\platform_tools, only required if
- apktool installation manual
FAQs
Apk builder script
We found that buildapp demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025