efforg/apkeep — explained in plain English
Analysis updated 2026-07-16 · repo last pushed 2026-05-04
Download a specific version of an Android app for testing or research.
Compare the same app across different stores to see what each version contains.
Archive many Android apps at once by feeding the tool a CSV file.
Collect app installation files for security research or documentation.
| efforg/apkeep | nubskr/walrus | orhun/ratty | |
|---|---|---|---|
| Stars | 1,950 | 1,887 | 2,082 |
| Language | Rust | Rust | Rust |
| Last pushed | 2026-05-04 | — | — |
| Maintenance | Maintained | — | — |
| Setup difficulty | moderate | moderate | moderate |
| Complexity | 2/5 | 5/5 | 3/5 |
| Audience | researcher | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Downloading from Google Play requires an AAS token and risks account termination, so a burner Google account is recommended.
apkeep is a command-line tool that lets you download Android app installation files (APKs) from several app stores and repositories. Instead of manually hunting down app files through a browser, you run a single command and the tool fetches the APK for you. At a high level, you tell the tool which app you want by its package identifier (for example, com.instagram.android for Instagram) and which source to pull from. The default source is APKPure, a third-party site that requires no login. You can also point it at the Google Play Store with your Google account credentials, F-Droid (a repository for free and open-source Android apps), or the Huawei AppGallery. You can grab a specific version of an app, list available versions, or hand it a CSV file to download many apps in one run. It runs as a standalone binary, through Rust's package manager, on Android via Termux, or through Docker. This tool is built for anyone who needs Android app files for testing, research, or archiving, security researchers collecting samples, journalists documenting app behavior, or developers comparing versions across stores. For instance, a researcher could pull the same app from Google Play and F-Droid to compare what each version actually contains. For F-Droid downloads, it verifies that each file is signed by the maintainers and alerts you if that check fails. A couple of tradeoffs worth noting: pulling from the Google Play Store requires an AAS token and carries real risk, Google may terminate the account you use if it sees this activity as a Terms of Service violation, so the README advises using a burner account. Paid and DRM-protected apps are not available through this method, and using Tor tends to make downloads fail. The project is built in Rust and maintained by the Electronic Frontier Foundation.
A command-line tool for downloading Android app files (APKs) from multiple app stores like APKPure, Google Play, F-Droid, and Huawei AppGallery using a simple app identifier.
Mainly Rust. The stack also includes Rust, CLI, Docker.
Maintained — commit in last 6 months (last push 2026-05-04).
The license terms are not specified in the explanation, so it is unclear what permissions apply to using or modifying this software.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.