KillWxapkg

KillWxapkg is a Go command-line tool for decompiling WeChat Mini Programs. WeChat Mini Programs are small applications that run inside the WeChat messaging app on mobile devices. They are distributed as compiled and encrypted package files with the .wxapkg extension. This tool takes those package files and reverses them back into readable source code.

The tool handles the full decompilation process in one step: it detects whether a package is encrypted, decrypts it automatically if needed, then unpacks it. After unpacking, it can restore the original project directory structure, separating the code back into its component files: JavaScript, JSON configuration files, WXML (WeChat's HTML-like template language), and WXSS (WeChat's CSS-like style language). A code beautification option reformats the output for easier reading.

Beyond decompilation, the tool includes a Hook feature that patches the WeChat desktop client to enable developer tools and an F12 console on Mini Programs that normally do not allow it. This requires running WeChat and is noted to carry a risk of account suspension, so the README recommends using a secondary account. There is also a repack option that takes a modified source directory and packages it back into a .wxapkg file, and a sensitive data export feature that scans decompiled code for hardcoded credentials and similar information.

The tool is compiled from Go source code or downloaded as a prebuilt binary. The README is written in Chinese and includes a disclaimer stating the tool is intended for security research and learning only, and that users are responsible for complying with applicable law.