Checks apk(s) for known trackers (provided by Exodus) +other warnings and specs.
About this app
Checks apps for code signatures of known trackers (provided by Exodus). Also can list all classes for launchable (via the app drawer) packages.
Can be used against any APK:
* installed: via an app manager or built-in ApplicationInfos/PermissionInfos,
* downloaded: via any file manager (long press and open with ClassyShark3xodus),
* launchable installed: via the first screen list (long press to display dynamic manifest).
Note: doesn't work on odexed/system packages (it's a work-in-progress).
Finally, the app doesn't sync or connect to the Internet and thus cannot sneak on end users.
The app is updated when Exodus updates their list of trackers: https://reports.exodus-privacy.eu.org/api/trackers
(Can display any *.xml file stored on the device.)
Other features: - Selinux device & per app: appZygote + read_log + shareUser detection, - dynamic & static androidManifest, - full permissions device explorer (via Super#1), - complete apk(s) device explorer (via additional icon) - install & update Date per app, - certificate & fileSum fingerprints details at each scan.
ClassyShark3xodus is based on Google's ClassyShark: https://github.com/google/android-classyshark (and apps_Packages Info: https://f-droid.org/en/packages/com.oF2pks.applicationsinfo/).
Licensed under Apache-2.0.
What's New in v2.0-34
Imported from the F-Droid repository index.
- # Exodus Escan(manifest) for ALL systemApps via ToggleList (including system ODEX packages...)
- # ...ExodusPrivacy NEW database (eof448),
- 603 exoTrackers(455) = 574+29 signatures for 428+27 identified trackers
- More info :
- - https://reports.exodus-privacy.eu.org/api/trackers
- - https://gitlab.com/oF2pks/3xodusprivacy-toolbox (31 known additions ²/ETIP-standby °/missing µ/tools)
Version history
Jan 5, 2024 · 2.5 MB · Android API 21–30 · code 34
Imported from the F-Droid repository index.
- # Exodus Escan(manifest) for ALL systemApps via ToggleList (including system ODEX packages...)
- # ...ExodusPrivacy NEW database (eof448),
- 603 exoTrackers(455) = 574+29 signatures for 428+27 identified trackers
- More info :
- - https://reports.exodus-privacy.eu.org/api/trackers
- - https://gitlab.com/oF2pks/3xodusprivacy-toolbox (31 known additions ²/ETIP-standby °/missing µ/tools)
SHA-256 8819bfe633faa7affce5b035ad5f553fb5c68368ecaa1d2cdee02dd205773512
May 9, 2022 · 2.5 MB · Android API 21–30 · code 32
Imported from the F-Droid repository index.
- # ...ExodusPrivacy NEW database (eof443),
- 598 exoTrackers(453) = 567+31 signatures for 424+29 identified trackers
- # upSDK:30 + permission.QUERY_ALL_PACKAGES
- # Chairlock/AI on par:
- * inactive apps: permission.PACKAGE_USAGE_STATS for android 10 (Q) & up
- * viewManifest with search
SHA-256 3c3d8214f02b9daed4af9c67f83c055b900b8213bd0b5d9b2486e295c6c259d9
Feb 20, 2022 · 2.6 MB · Android API 21–29 · code 30
Imported from the F-Droid repository index.
- # android 11 & up only: packagesInfos/Chairlock add permission.PACKAGE_USAGE_STATS for inactive_Apps reporting (green),
- # ...ExodusPrivacy NEW database (eof436),
- 586 exoTrackers(446) = 555+31 signatures for 417+29 identified trackers
- More info :
- - https://reports.exodus-privacy.eu.org/api/trackers
- - https://gitlab.com/oF2pks/3xodusprivacy-toolbox (31 known additions ²/ETIP-standby °/missing µ/tools)
SHA-256 d6eda5ae494d966ca33db0b3804abedd7d6920c67669decab09663bf9cc062f1
Will it run on your device?
73%
- Runs on a broad range of modern Android versions.
- ABI coverage is focused on newer 64-bit devices.
Installation Guide
Open Settings on your Android device
Go to Security → Unknown sources (or Install unknown apps)
Enable "Allow from this source" for your browser or file manager
Open the downloaded APK file from your Downloads folder
Tap "Install" and wait for installation to complete
Launch the app from your home screen
Make sure to re-enable Unknown Sources restrictions after installation for security.
How to install this safely
How to verify the file you downloaded
Before you install anything, confirm the file is the one described here. On a computer, run shasum -a 256 your-download.apk (macOS or Linux) or certutil -hashfile your-download.apk SHA256 (Windows), then compare the output character-for-character with the SHA-256 on this page. If a single character differs, the file is not the build we recorded — delete it.
What the signing certificate proves
Every Android app is signed with a private key that only its developer holds. The fingerprint on this page is a hash of the matching public certificate, and it proves continuity rather than identity: it tells you a build came from whoever signed the earlier ones. Android enforces this at install time — if a package claiming to be com.oF2pks.classyshark3xodus is signed with a different key, the system will refuse to install it over your existing copy. A fingerprint that changes between releases is worth pausing on, because a repackaged app that has been modified by someone else cannot keep the original signature.
How to roll back to an earlier version
If the current release misbehaves, 2.0-32 is the last build before it. Android will not install an older version code over a newer one, so you must uninstall ClassyShark3xodus - Scan apps for warnings first — which clears its local data unless you have a backup. Reinstall the older APK only if its signing fingerprint matches the build you already trust, and check the API range: an older release may target an Android version your device has moved past.
Why we list sources instead of hosting everything
The official store channel is almost always the right choice: it updates automatically and carries the publisher's own distribution guarantees. A direct APK is useful when a device has no store access, when a rollout has not reached your region, or when you need a specific version — and only when the publisher has authorized that copy. APKBrowse does not list pirated, cracked, or unauthorized rebuilds of ClassyShark3xodus - Scan apps for warnings, and a listing is removed when the evidence for it stops holding up.
Get ClassyShark3xodus - Scan apps for warnings
Every source we list for com.oF2pks.classyshark3xodus is legality-reviewed. Pirated or cracked builds are never offered.
Other sources
F-Droid listing
officialF-Droid builds this app from source and signs it. This is its official listing, with older builds and full release notes.
Source code
verified publisherThe upstream repository this build is compiled from.
We check legality and signature continuity, but device behaviour still varies. Install at your own discretion.
App Information
Security Verification
We record provenance; we do not run malware scans. Verify the hash yourself before installing.
SHA-256 Hash
8819bfe633faa7affce5b035ad5f553fb5c68368ecaa1d2cdee02dd205773512
Signing certificate
c2c57ba09d4bbee77ff3de860bc450801675e3cac2e11092af1c5859d9d470f7
Permissions Required
Previous Versions
The signing certificate fingerprint for this release is on record, so a build that does not match it did not come from this publisher.
Report a problem with this listing
A listing is only as good as its corrections. If a source is broken, a signature looks wrong, or this app should not be here, tell the moderation team.