Whitehat987

Whitehat987 / apkshield-pt

Public

Android Penetration Testing Tool — Auto Root Detection & SSL Pinning Bypass with Frida Script Generation

android frida frida-scripts mobile-security penetration-testing
19
0
60% credibility
Found May 17, 2026 at 20 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

APKShield-PT is a penetration testing toolkit for Android applications. It takes an app file, extracts and analyzes its source code, and identifies security mechanisms like root detection (which checks if a device has been modified) and SSL pinning (which verifies secure connections to servers). The tool can optionally use AI to find custom or hidden bypass methods, then generates ready-to-use scripts that security researchers can run to temporarily disable these protections during authorized testing. It produces detailed reports showing what protections were found and how to address any vulnerabilities.

How It Works

1
🔍 You discover a security testing tool

You hear about a tool that helps security researchers test if Android apps are properly protected against tampering.

2
📱 You select an app to analyze

You choose an Android app file that you have legal permission to test, such as one you're developing or have authorized access to.

3
🔓 The tool reads the app's hidden code

The tool carefully extracts and reads the app's source code, revealing how it protects itself from tampering.

4
Two security checks are examined
📋
Root Detection

Looks for code that checks if your device has been modified or has special access

🔒
SSL Pinning

Finds code that verifies the app is connecting to the real server, not an imposter

5
🤖 AI helps find hidden tricks

An optional AI assistant reviews the code to discover any custom or disguised security bypass methods that standard tools might miss.

6
📝 Custom bypass scripts are created

The tool generates ready-to-use scripts that can temporarily disable the detected security checks for testing purposes.

You complete your security audit

You receive a complete report showing what protections the app uses and how well they work, helping developers fix any weaknesses.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 20 to 19 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is apkshield-pt?

APKShield-PT is a Python-based Android penetration testing toolkit that automates the tedious work of bypassing security controls in mobile apps. You point it at an APK, and it decompiles the app, scans for root detection mechanisms (like RootBeer library checks, binary path scans, SafetyNet/Play Integrity calls), identifies SSL pinning implementations (OkHttp CertificatePinner, custom TrustManagers, Network Security Config), and automatically generates ready-to-use Frida bypass scripts. The tool handles the pattern-matching grunt work so you can focus on actual testing. It also optionally taps into Claude AI to analyze obfuscated code and generate custom hooks for techniques the built-in patterns miss.

Why is it gaining traction?

The main hook is the automated Frida script generation. Instead of manually writing hooks for each detected protection, you get a complete bypass script in seconds. The pattern database covers a wide range of common libraries and techniques, which means it works out of the box on many apps without customization. The AI integration is the differentiator for handling custom or obfuscated protections that standard patterns won't catch.

Who should use this?

Android penetration testers and security researchers who regularly need to bypass root detection and SSL pinning. Mobile app security auditors will find it useful for quickly assessing an app's anti-tampering defenses. Bug bounty hunters targeting mobile apps can use it to accelerate their workflow. This is not for beginners; you need Frida experience and understanding of Android security fundamentals to make sense of the output.

Verdict

APKShield-PT is a practical automation tool for an established workflow, but the 0.6000000238418579% credibility score and 19 stars reflect a nascent project with limited community validation. The code quality appears reasonable, the feature set is solid, and the AI integration adds real value for edge cases. However, the low star count means you're an early adopter sharing the risk. Try it on a test APK first to see if it fits your workflow before relying on it for real engagements.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.