A command-line tool that extracts API endpoints from React Native Android applications by decompiling the APK and scanning the JavaScript bundle.
- Decompiles the APK using
apktool - Detects whether the app was built with React Native by inspecting
AndroidManifest.xmland looking forassets/index.android.bundle - Beautifies the JavaScript bundle with
jsbeautifier - Extracts URLs and API endpoints using regex pattern matching
- Python 3.x
- apktool — must be installed and available on
PATH
| Package | Version |
|---|---|
| jsbeautifier | 1.14.7 |
| editorconfig | 0.12.3 |
| six | 1.16.0 |
git clone https://github.com/h4pp1n3ss/extractor.git
cd extractor
pipenv install -r requirements.txtpython extractor.py --apk <APK_FILE>python extractor.py --apk com.example.app.apkThe tool will:
- Decompile the APK into
com.example.app_out/ - Detect React Native usage
- Extract and print all discovered endpoints
extractor/
├── extractor.py # Entry point / CLI argument parsing
└── react_extractor/
├── main.py # Orchestration logic
├── commands.py # apktool decompilation, bundle extraction, endpoint extraction
├── utils.py # Helpers: tool checks, file checks, React Native detection
└── exceptions.py # Custom exceptions
| Exception | Raised when |
|---|---|
ExecutionFailedException |
apktool returns an error during decompilation |
BinaryNotFoundException |
A required binary is not found on the system |
FileNotFoundException |
An expected file is missing |
- h4pp1n3ss
- Version: 0.1