Android Pen-testing tools

ANDROID PENTEST SUITE
ANDROID NETWORK TOOLKIT

Award winning Mobile Penetration Testing tool specifically built for smartphones. zANTI is the currently released version of code name ANTI (Android Network Toolkit). After over a year of beta testing with approximately 100,000 IT managers and Penetration Testers around the globe, ANTI is the first penetration testing framework for mobile devices. To further develop current security tests. which must be performed on a comprehensive professional pentest, Zimperium is going to slowly open-source parts of zANTI.

ANDROID SPY AGENT
TOTAL SMS CONTROL

The Best Mobile Spy Software for Spouse monitoring, Parental Control, Employee Tracking, Phone Security and Locator.

AGASTAYA

Having Agastya installed on your phone magically allows you to access your mobile remotely. You can access & retrieve a lot of data from your mobile phone even if you don’t have it with you. The data which could be fetched includes 1) Contacts (Fetching contact number from your Address book) 2) Call Logs (Checking Missed Calls/Received Calls/Dialed Numbers) 3) IMEI Number 4) Phone Profile (Changing profile mode to Ringer or Silent) 5) SIM Number (Retriving SIM Number) 6) SMS logs (Checking SMS's received on your phone).

SESSION HIJACKING
DROIDSHEEP

DroidSheep [Root] is an Android app for Security analysis in wireless networks and capturing facebook, twitter, linkedin and other accounts.DroidSheep was developed as a tool for testing the security of your accounts and is based on my Bachelor thesis with title “Session Hijacking on Android Devices”.

FACESNIFF

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK) It's kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!).

DOS ATTACK
ANDOSID

AnDOSid allows security professionals to simulate a DOS attack (A http post flood attack to be exact) and of course a dDOS on a web server, from mobile phones.

SMS BOMBER

Bomb your friends with alot of SMS in a short period Features - Unlimit number of text - Flood multiple contacts - Cancel button - No delay or periodically send - Remember last config - Easily select contacts - Counter to make sms differently - Add counter to (press menu/Counter) into each text - Download Anti SMS Bomber before bombarding :)

Download Anti SMS Bomber before bombarding :)

CONNECT & SCAN
SSHDROID

Connect through SSH to your device! SSHDroid is a SSH server implementation for Android. This application will let you to connect to your device from a PC and execute commands (like "terminal" and "adb shell") or edit files (through SFTP, WinSCP, Cyberduck, etc...).

FING

Fing is the ultimate toolkit for network management: * Network discovery * Service scan (TCP port scan) * Ping * Traceroute * DNS lookup * Wake on LAN * Fingbox (sync, backup, merge, monitor, notifications) * TCP connection tester * MAC address and vendor gathering * Customizable host names and icons * Connectivity detection * Geolocation * Integrated launch of third-party Apps for SSH, Telnet, FTP, FTPS, SFTP, SCP, HTTP, HTTPS, SAMBA

TEENABLE NESSUS

The Nessus Android app, from Tenable Network Security Inc., enables you to log into your Nessus scanners and start, stop and pause vulnerability scans as well as analyze the results directly from your Android device. This mobility helps improving the efficiency of your Incident Response process by letting you quickly log into a Nessus scanner from your phone to search previous scan results or check the status of an on-going scan.

HACK A DROID

This is a little suite of homemade implementations of security tools for Android composed by a router password cracker, an utility that scans for hosts in your LAN, a port scanner and a service banner grabber.

ANDROID TERMINAL EMULATOR

Access your Android's built-in Linux command line shell. Unleash your inner geek!

SNIFFERS
SHARK FOR ROOT

Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open dump use WireShark or similar software, for preview dump on phone use Shark Reader. Based on tcpdump.

SHARK READER

Application for reading pcap files. Possible unstability/errors. Has problems with large files. Suggestions and comments are welcome. If You want traffic tagging functionality (tags packets to mark possible content), run Shark Updater. Filters: type name to include it, type -name to exclude it from list

ANONYMITY
ORBOT

Enhance your privacy, break through firewalls and communicate more safely. Orbot is the official port of Tor to Android. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.

Note : All Apps available on play store you can download from there 

Thank you (zer0w0rm)

Published By : Zer0w0rm ~ Zer0w0rm

 

3 comments:

  1. there is malware in some of the files like sms bomber and anti sms bomber please remove those so that there will be no victims

    ReplyDelete
  2. Pretty article! I found some useful information in your blog, it was awesome to read, thanks for sharing this great content to my vision, keep sharing..
    Mobile App Development Company
    Android App Development Company

    ReplyDelete
  3. This is interesting! I like such things. But you know, I would better install this wonderful Call spy https://9spyapps.com/hidden-call-recorder/ on your phone and spy anybody you want.

    ReplyDelete