AppShark is an open-source static taint-analysis platform developed by ByteDance designed to scan Android application packages (APKs) for potential security or privacy vulnerabilities. It performs code analysis without executing the app — inspecting APK contents, tracking data flows (taints), and detecting risky patterns such as insecure file access, unsafe API usage, resource-leak possibilities, or misconfigurations. Users can customize scanning via rule sets (written in JSON), defining which types of vulnerabilities or compliance issues to detect — making AppShark flexible and adaptable to different security policies or threat models. Because it is static and rule-driven, AppShark can scale to large codebases, be integrated into CI/CD pipelines, or operate as part of security audits before publishing or distribution. After analysis, it outputs structured results (e.g. JSON summaries) detailing detected risks, their paths, and metadata.

Features

  • Static taint-analysis for Android APKs — tracks sensitive data flows and detects security/privacy issues before app execution
  • JSON-based customizable scanning rules — letting users define which vulnerability patterns or compliance rules to check per project
  • Support for large or complex apps — scalable analysis suitable for big codebases or multiple-module projects
  • Output results in structured format (JSON), including risk details, call chains, and metadata — facilitates automated audits or CI integration
  • Configurable engine parameters (e.g. pointer-analysis timeouts, rule paths, debug logging) for flexibility and performance tuning
  • Open-source under Apache-2.0 license — free to inspect, extend, integrate, or adapt for enterprise- or research-level security workflows

Project Samples

AppShark Screenshot 1

Project Activity

See All Activity >