API tools faq
paste
Advertisement
FibsFreitag

Android apps for Penetration testing

FibsFreitag
Feb 1st, 2015
1,267
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.26 KB | None | 0 0
raw download clone embed print report
  1.  
  2. Android apps for Penetration testing
  3.  
  4. 1. dSploit
  5.  
  6. dSploit is a nice Android network penetration testing suit. It comes with all-in-one network analysis capabilities. Like most of the other penetration testing tools, it also comes for free. So, you can download and use this app on your Android device and perform network security testing. It has various pre-complied modules to use. The app is designed to be very fast, handy and easy to use, it’s just point and click.
  7.  
  8. dSploit supports all Android devices running on Android 2.3 Gingerbread or higher, and you also need to root your device. If you are newbie, we will never recommend you to use the app if you don’t know how to root your Android device. After rooting your device, you need to install BusyBox Installer. Download BusyBox from Google Play Store: https://play.google.com/store/apps/details?id=com.jrummy.busybox.installer&hl=en
  9.  
  10. Then download the app from the link given below.
  11.  
  12. App is available on github: https://github.com/evilsocket/dsploit/downloads
  13.  
  14. These are the available modules in the app.
  15.  
  16. RouterPWN
  17. Trace
  18. Port Scanner
  19. Inspector
  20. Vulnerability Finder
  21. Login Cracker
  22. Packet Forger
  23. MITM
  24.  
  25. 2. Network Spoofer
  26.  
  27. Network Spoofer is another nice app that lets you change the website on other people’s computer from your Android phone. Download the Network Spoofer app and then log onto the Wi-Fi network. Choose a spoof to use with the app then tap on start. This app is considered as a malicious hacking tool by network administrators. So, don’t try on unauthorized networks. This is not a penetration testing app. It’s just to demonstrate how vulnerable the home network is.
  28.  
  29. Download this app from sourceforge http://sourceforge.net/projects/netspoof/
  30.  
  31. 3. Network Discovery
  32.  
  33. Network Discovery is a free app for the Android device. The good thing is that the app doesn’t need a rooted device. This app has a simple and easy to use interface. It views all the networks and devices connected to your Wi-Fi network. The application identifies the OS and manufacturer of the device. Thus the app helps in information gathering on the connected Wi-Fi network.
  34.  
  35. Download app from Google Play: https://play.google.com/store/apps/details?id=info.lamatricexiste.network
  36.  
  37. 4. Shark for Root
  38.  
  39. Shark for Root is a nice traffic sniffer app for the Android device. It works fine on 3G and Wi-Fi: both network connectivity options. You can see the dump on phone by using Shark Reader that comes with the app. You can also use Wireshark a similar tool to open the dump on the system. So, start sniffing data on your Android device and see what others are doing.
  40.  
  41. 5. Penetrate Pro
  42.  
  43. Penetrate Pro is a nice Android app for Wi-Fi decoding. The latest version of the app has added many nice features. It can calculate the WEP/WAP keys for some wireless routers. If you have installed an Antivirus app, it may detect Penetrate Pro app as virus. But this app is a security tool and it will not affect or harm your device.
  44.  
  45. Penetrate gives you the wireless keys of Discus, Thomson, Infinitum, BBox, Orange, DMax, SpeedTouch, DLink, BigPond, O2Wireless and Eircom routers.
  46.  
  47. 6. DroidSheep [Root]
  48.  
  49. DroidSheep is a session hijacking tool for Android devices. This is an app for security analysis in wireless networks. It can capture Facebook, Twitter, and LinkedIn, Gmail or other website accounts easily. You can hijack any active web account on your network with just a tap by using the DroidSheep app. It can hijack any web account.
  50.  
  51. This app demonstrates the harm of using any public Wi-Fi.
  52.  
  53. Download this app from here: http://droidsheep.de/?page_id=23
  54.  
  55. 7. DroidSheep Guard
  56.  
  57. DroidSheep Guard is another Android app that also developed Droidsheep. This app does not require a rooted device. This app monitors Android devices’ ARP-table and tries to detect ARP-Spoofing attack on the network performed by DroidSheep, FaceNiff and other software.
  58.  
  59. Download DroidSheep Guard from Google Play: https://play.google.com/store/apps/details?id=de.trier.infsec.koch.droidsheep.guard.free&feature=search_result
  60.  
  61. 8. WPScan
  62.  
  63. WpScan is the WordPress vulnerability scanner for Android devices. This nice app is used to scan a WordPress based website and find all the security vulnerabilities it has. WPScan also has a desktop version of the app that is much powerful than the Android app. We know that WordPress is one of the most popular CMS and is being used by millions of websites.
  64.  
  65. The Android version of the app comes with few nice features. The app was released on Google Play but Google removed the app. The full source code of the app is available from Github. One thing to note that WPScan Android app is not related to the desktop version of WPScan. So, never think it as an official WPScan app.
  66.  
  67. Download app and source code: https://github.com/clshack/WPScan
  68.  
  69. 9. Nessus
  70.  
  71. Nessus is a popular penetration testing tool that is used to perform vulnerability scans with its client/server architecture. It also released its mobile app to bring its power on mobile devices. Nessus Android app can perform following tasks.
  72.  
  73. Connect to a Nessus server (4.2 or greater)
  74. Launch existing scans on the server
  75. Start, stop or pause running scans
  76. Create and execute new scans and scan templates
  77. View and filter reports
  78.  
  79. This app was released on Google Play store almost 2 years back by Tenable Network Security. Later Google removed the app from Play store. Now the official link has been removed. So you can try downloading links available on third party websites. But be careful and check the app first.
  80.  
  81. 10. FaceNiff
  82.  
  83. FaceNiff is another nice sniffing app for Android devices. It requires a rooted Android device. It can sniff and intercept the web sessions over the Wi-Fi. This app is similar to DroidSheep, added earlier in the post. You can also say Firesheep for Android devices. Use of this app may be illegal in your area. So, use it wisely.
  84.  
  85. 11. WebSecurify
  86.  
  87. WebSecurify is a powerful web vulnerability scanner. It’s available for all popular desktops and mobile platforms. It has a powerful crawler to crawl websites and then attack it using pre-defined patterns. We have already covered it in detail in our previous article. You can read the older article for better understanding.
  88.  
  89.  
  90. via infosecinstitute.com
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!