Apktag -

Enter : a lightweight, CLI-first metadata sifter that treats your APK collection like a library rather than a landfill. What is APKTag? At its core, APKTag is a metadata extraction and tagging engine. It doesn't decompile your DEX bytecode into Java (that would take forever). Instead, it surgically extracts the high-signal data that every reverse engineer actually searches for, then stuffs that data into a SQLite database you can query in milliseconds.

Imagine a simple watcher script:

APKTag gives you that priority. It whispers: "Ignore the 50 weather apps. Focus on the one that contains the string 'dexguard' and requests 'INSTALL_PACKAGES'." APKTag is available as a standalone Rust binary (no Python environment or JVM required). You can install it via Cargo: cargo install apktag apktag

Think of it as exiftool for Android, combined with a search engine. Most analysts rely on aapt dump badging to get package names and versions. APKTag does that, but then goes five layers deeper. Enter : a lightweight, CLI-first metadata sifter that

Every reverse engineer knows the feeling. You have a folder on your desktop labeled "Mystery APKs" or "Old_Apps_2023." Inside are 50 files named base.apk , com.example.wallet_v2.apk , and legacy_app_final_fixed.apk . When you need to find that one specific banking trojan you analyzed six months ago, you end up grepping through strings or—let’s be honest—just giving up and re-downloading it. It doesn't decompile your DEX bytecode into Java

# Inotify on a "drop_folder" apktag tag --recursive ./incoming --db ~/my_index.db apktag search --db ~/my_index.db --tag "crypto_mining" --format csv You can also use it as a poor man's VirusTotal. Before manually reversing a new APK, run: