Validate APK Files: Magic Bytes & Python/Node Examples | FileSignature

Magic Bytes

Offset: 0


            50 4B 03 04 50 4B 05 06 50 4B 07 08

Android Package (APK) is the package file format developed by Google and the Open Handset Alliance for the distribution and installation of mobile applications on the Android operating system. It serves as a ZIP-based container for compiled code, resources, and manifest files necessary for software deployment on mobile devices. Although the format is standard for local installations, users should exercise caution as APKs can execute arbitrary code and may contain malware if obtained from unverified third-party sources.

Extension

.apk

MIME Type

application/octet-stream

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .apk files in Python

Python

def is_apk(file_path: str) -> bool:
    """Check if file is a valid APK by magic bytes."""
    signature = bytes([0x50, 0x4B, 0x03, 0x04, 0x50, 0x4B, 0x05, 0x06, 0x50, 0x4B, 0x07, 0x08])
    with open(file_path, "rb") as f:
        return f.read(12) == signature

How to validate .apk files in Node.js

Node.js

function isAPK(buffer: Buffer): boolean {
  const signature = Buffer.from([0x50, 0x4B, 0x03, 0x04, 0x50, 0x4B, 0x05, 0x06, 0x50, 0x4B, 0x07, 0x08]);
  return buffer.subarray(0, 12).equals(signature);
}

Go

func IsAPK(data []byte) bool {
    signature := []byte{0x50, 0x4B, 0x03, 0x04, 0x50, 0x4B, 0x05, 0x06, 0x50, 0x4B, 0x07, 0x08}
    if len(data) < 12 {
        return false
    }
    return bytes.Equal(data[:12], signature)
}

API Endpoint

GET /api/v1/apk


              curl https://filesignature.org/api/v1/apk

Magic Bytes

Validation Code

How to validate .apk files in Python

How to validate .apk files in Node.js

API Endpoint

Related Formats