Dexray Insight Documentation
Dexray Insight is a comprehensive Python-based Android APK static analysis tool that performs security analysis using a modern object-oriented architecture following SOLID principles. It’s part of the Sandroid dynamic sandbox project and provides multiple analysis modules for examining Android applications with enhanced Strategy Pattern implementation for secret detection.
Features
Comprehensive APK Analysis: Deep static analysis of Android applications
Enhanced Security Assessment: OWASP Top 10 security checks with 54-pattern secret detection using Strategy Pattern
SOLID Architecture: Refactored codebase following Single Responsibility, Open/Closed, and other SOLID principles
Strategy Pattern Implementation: Modular secret detection with 5 focused strategies for maintainability
Native Binary Analysis: Radare2-powered analysis of .so files
Third-party Library Detection: Identify and analyze embedded libraries using multi-stage detection
Signature Detection: VirusTotal, Koodous, and Triage API integration
Parallel Execution: Multi-threaded analysis with dependency-aware scheduling
Configurable Modules: Enable/disable analysis components via YAML configuration
Docker Support: Containerized analysis environment
Quick Start
Installation:
# Development installation
python3 -m pip install -e .
# Standard installation
python3 -m pip install dexray-insight
Basic Usage:
# Basic APK analysis
dexray-insight path/to/app.apk
# Enable security assessment
dexray-insight path/to/app.apk -s
# Enable signature checking with API keys
dexray-insight path/to/app.apk -sig
# Deep behavioral analysis
dexray-insight path/to/app.apk --deep
# With custom configuration (the configuration file dexray.yaml will be used by default)
dexray-insight path/to/app.apk -c mydexray.yaml
Documentation Contents
API Reference