Enter : a lightweight, CLI-first metadata sifter that treats your APK collection like a library rather than a landfill. What is APKTag? At its core, APKTag is a metadata extraction and tagging engine. It doesn't decompile your DEX bytecode into Java (that would take forever). Instead, it surgically extracts the high-signal data that every reverse engineer actually searches for, then stuffs that data into a SQLite database you can query in milliseconds.
APKTag gives you that priority. It whispers: "Ignore the 50 weather apps. Focus on the one that contains the string 'dexguard' and requests 'INSTALL_PACKAGES'." APKTag is available as a standalone Rust binary (no Python environment or JVM required). You can install it via Cargo: cargo install apktag apktag
Or grab the prebuilt binaries for Linux, macOS, and Windows from the GitHub releases page . Enter : a lightweight, CLI-first metadata sifter that
The Android reverse engineering community has long solved the problem of decompiling code (thanks, apktool and jadx ). But until recently, no one seriously solved the problem of it. It doesn't decompile your DEX bytecode into Java
# Inotify on a "drop_folder" apktag tag --recursive ./incoming --db ~/my_index.db apktag search --db ~/my_index.db --tag "crypto_mining" --format csv You can also use it as a poor man's VirusTotal. Before manually reversing a new APK, run:
Imagine a simple watcher script:
Every reverse engineer knows the feeling. You have a folder on your desktop labeled "Mystery APKs" or "Old_Apps_2023." Inside are 50 files named base.apk , com.example.wallet_v2.apk , and legacy_app_final_fixed.apk . When you need to find that one specific banking trojan you analyzed six months ago, you end up grepping through strings or—let’s be honest—just giving up and re-downloading it.