v2.0.3
- Add check for zip entry types before trying to scan them
- Handle duplicate zip entries via `ZipFile.infolist()`
- Make `OutputFormatter.build_json_output` public
- Change default typing behavior to `magic`
The zip entry type check is a minor optimization. The previous behavior was to assume all zip entries should be scanned. Here's a quick benchmark to show that, by using filename typing (which is faster than magic bytes), you can save a bunch of time. Of course, you'll miss "hidden" files that aren't named with the correct extension. If you use APKiD forensically or with malware, you should use the default option. If you have some weird custom rules, you might even want to use `--typing none`.
Here's some benchmarking data:
apkid test-data --typing filename 23.96s user 1.49s system 98% cpu 25.844 total
apkid test-data --typing magic 41.05s user 2.37s system 98% cpu 43.922 total
apkid test-data --typing none 41.66s user 2.19s system 98% cpu 44.640 total
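The effect of the typing modes and of walking `ZipFile.infolist()` can be seen on a small archive. This is an added example, not APKiD's own code: the sample archive, the helper names and the DEX-only magic check are constructed for illustration and assume that "magic" typing means inspecting the first bytes of each entry.

```python
import io
import warnings
import zipfile

DEX_MAGIC = b"dex\n"  # leading bytes of a DEX file

def build_sample_zip() -> bytes:
    """Constructed archive: two entries share a name, one DEX is named .png."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", UserWarning)  # zipfile warns on duplicate names
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("classes.dex", DEX_MAGIC + b"035\x00first")
            zf.writestr("classes.dex", DEX_MAGIC + b"035\x00second")
            zf.writestr("assets/logo.png", DEX_MAGIC + b"035\x00hidden")
            zf.writestr("res/", b"")  # directory entry, nothing to scan
            zf.writestr("README.txt", b"plain text")
    return buf.getvalue()

def entries_to_scan(data: bytes, typing: str):
    """Return (name, payload) for every entry selected under a typing mode."""
    selected = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():  # one ZipInfo per entry, duplicates included
            if info.is_dir():  # entry type check: skip non-file entries
                continue
            with zf.open(info) as fh:  # open by ZipInfo, not by name
                payload = fh.read()
            if typing == "filename":
                wanted = info.filename.endswith(".dex")
            elif typing == "magic":
                wanted = payload.startswith(DEX_MAGIC)
            else:  # "none": scan every file entry
                wanted = True
            if wanted:
                selected.append((info.filename, payload))
    return selected

def read_by_name(data: bytes, name: str) -> bytes:
    """Name-based lookup resolves a duplicated name to a single entry."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.read(name)
```

On this archive, filename typing selects the two `classes.dex` entries, magic typing also selects the DEX stored as `assets/logo.png`, and a lookup by name alone would only ever return one of the two duplicates.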