Extract and display certificate information from APK files
Explore the code »
AndroCert is a Python tool designed to parse APK files and extract detailed information about the signing certificate(s), including:
- Hash fingerprints (SHA1, SHA256, MD5)
- Public key size and digest
- Issuer and subject info
- Validity period
- Inferred signature algorithm
Simple, effective, and built for mobile app pentesters or developers who want to verify APK signature details quickly.
$ python3 androcert.py /path/to/file.apk
APK: universal.apk
Binary is signed: True
v1 signature: False
v2 signature: True
v3 signature: True
v4 signature: False
Algorithme de signature (inféré): SHA256withRSA
X.509 Subject: C=US,O=Android,CN=Android Debug
Signature Algorithm: rsassa_pkcs1v15
Valid From: 2022-09-09T19:23:49+00:00
Valid To: 2052-09-01T19:23:49+00:00
Issuer: C=US,O=Android,CN=Android Debug
Serial Number: 0x1
md5: 666c6af47d518b47ba557aaf5a9f4b56
sha1: de3d0b3929f72f47f4f9f5033396e9e92fadcea4
sha256: ce28b498601acd8b3a2df41b0f0e881e9e3f9cf23892e2ba02a70f8224d8b40a
sha512: 47f7cd785258eb6a15d24b3a14d0e6106d702dc5d5105d30bfd07a52ce4d78aa52bdd59dec73810b6baea1822b5b0c928287d04d87f8036cb745b4823eb15277
PublicKey Algorithm: rsa
Bit Size: 2048
Clé publique (DER, hex, début): 30820122300d06092a864886f70d01010105000382010f003082010a02820101...
Found certificates: 1To use AndroCert, you need:
- Python ≥ 3.8
pyaxmlparsercryptography
You can install dependencies with:
pip install -r requirements.txtOr manually:
pip install pyaxmlparser cryptographyContributions are welcome!
If you find a bug or want to add a new feature, feel free to fork and submit a pull request.
Steps to contribute:
- Fork the project
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'feat: add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a pull request
Régis SENET
https://github.com/rsenet
This project is licensed under the GPLv3 License