Best Android Tools For sniffing, Security Audit and
Hackingintegrantes:Alejandra Delgado IriarteSergio Teran
MOnasteriosVladimir Calle MayserSecurity researchers have long
maintained thatmalware is a problemon Android, the Google operating
system thatson 80% of the worlds smartphones. In extreme cases,
hackers with malicious intent can do much more than send premium
text messages. In this post, we will see various apps for web
application penetration testing, network penetration testing,
sniffing, networking hacking and Android apps penetration
testing.HackodeHackode : The hackers Toolbox is an application for
penetration tester, Ethical hackers, IT administrator and Cyber
security professional to perform different tasks like
reconnaissance, scanning performing exploits etc.This Application
contains different tools like: Reconnaissance Google Hacking Google
Dorks Whois Scanning Ping Traceroute DNS lookup IP MX Records DNS
Dig Exploits Security Rss FeedThis Application is still in beta
version
Androrat:Remote Administration Tool for Android.The name
Androrat is a mix of Android and RAT (Remote Access Tool).Androrat
is a client/server application developed in Java Android for the
client side and in Java/Swing for the Server.All the available
functionalities are Get contacts (and all theirs informations) Get
call logs Get all messages Location by GPS/Network Monitoring
received messages in live Monitoring phone state in live (call
received, call sent, call missed..) Take a picture from the camera
Stream sound from microphone (or other sources..) Streaming video
(for activity based client only) Do a toast Send a text message
Give call Open an URL in the default browser Do vibrate the
phoneAPKInspector:The goal of this project is to aide analysts and
reverse engineers to visualize compiled Android packages and their
corresponding DEX code. APKInspector provides both analysis
functions and graphic features for the users to gain deep insight
into the malicious apps: CFG Call Graph Static Instrumentation
Permission Analysis Dalvik codes Smali codes Java codes APK
InformationDroidBox:DroidBox is developed to offer dynamic analysis
of Android applications. The following information is shown in the
results, generated when analysis is ended: Hashes for the analyzed
package Incoming/outgoing network data File read and write
operations Started services and loaded classes through
DexClassLoader Information leaks via the network, file and SMS
Circumvented permissions Cryptography operations performed using
Android API Listing broadcast receivers Sent SMS and phone
callszANTI:zANTI is a comprehensive network diagnostics toolkit
that enables complex audits and penetration tests at the push of a
button. It provides cloud-based reporting that walks you through
simple guidelines to ensure network safety.These various pentest
options include: Network Map Port Discovery Packet Manipulation
Sniffer MITM (Man in the Middle filters) DoS (Pentest DoS
vulnerabilities) Password Complexity Audit Penetrate CSE to check
server/desktop vulnerabiltyDroid Sheep:DroidSheep is a simple
Android tool for web session hijacking (sidejacking). It listens
for HTTP packets sent via a wireless (802.11) network connection
and extracts the session id from these packets in order to reuse
them.DroidSheep can capture sessions using the libpcap library and
supports: OPEN Networks WEP encrypted networks WPA and WPA2
encrypted networks (PSK only)DroidSheep is not intended to steal
identities or endamage anybody, but to show the weak security of
non-ssl webservicesdSploit:dSploit is an Android network analysis
and penetration suite which aims to offer to IT security
experts/geeks the most complete and advanced professional toolkit
to perform network security assessments on a mobile device.Features
WiFi Cracking RouterPWN Trace Port Scanner Inspector Vulnerability
finder Login cracker Packet forger Man in the middle Simple sniff
Password sniff Session Hijacker Kill connections Redirect Replace
images Replace videos Script injector Custom filterAppUse Android
Pentest Platform Unified Standalone Environment:AppUse Virtual
Machine, developed by AppSec Labs, is a unique (and free) system, a
platform for mobile application security testing in the android
environment, and it includes unique custom-made tools.Features New
Application Data Section Tree-view of the applications folder/file
structure Ability to pull files Ability to view files Ability to
edit files Ability to extract databases Dynamic proxy managed via
the Dashboard New application-reversing features Updated
ReFrameworker tool Dynamic indicator for Android device status Bugs
and functionality fixesShark for Root:Traffic sniffer, works on 3G
and WiFi (works on FroYo tethered mode too).To open dump use
WireShark or similar software, for preview dump on phone use Shark
Reader.Based on tcpdump. Please leave comments/send e-mail if you
have any problems/suggestions.Android Device Testing FrameworkThe
Android Device Testing Framework (dtf) is a data collection and
analysis framework to help individuals answer the question: Where
are the vulnerabilities on this mobile device? Dtf provides a
modular approach and built-in APIs that allows testers to quickly
create scripts to interact with their Android devices. The default
download of dtf comes with multiple modules that allow testers to
obtain information from their Android device, process this
information into databases, and then start searching for
vulnerabilities (all without requiring root privileges). These
modules help you focus on changes made to AOSP components such as
applications, frameworks, system services, as well as lower-level
components such as binaries, libraries, and device drivers. In
addition, youll be able to analyze new functionality implemented by
the OEMs and other parties to find vulnerabilities.drozerdrozer
(formerlyMercury) is the leading security testing framework for
Android.drozer allows you to search for security vulnerabilities in
apps and devices by assuming the role of an app and interacting
with the Dalvik VM, other apps IPC endpoints and the underlying
OS.drozer provides tools to help you use, share and understand
public Android exploits. It helps you to deploy a drozer Agent to a
device through exploitation or social engineering. Using weasel
(MWRs advanced exploitation payload) drozer is able to maximise the
permissions available to it by installing a full agent, injecting a
limited agent into a running process, or connecting a reverse shell
to act as a Remote Access Tool (RAT).NeoPWNNeopwn is an advanced
penetration testing and radio frequency auditing platform designed
to run on mobile phones and tablets.We were the first to ever
release a security auditing distribution for a mobile phone, and we
continue to push the envelope in supporting the latest
bleeding-edge tools and hardware.Several options exist for local
and remote control of the Neopwn system, including: Android-based
control panel application for system management Desktop interface
via VNC,for full X windows programs Shell access with native
Android terminal emulation applications Quick application access
with native Android desktop icon launchers Remote access through
VPN and SSHASEFHave you ever looked at your Android applications
and wondered if they are watching you as well? Whether its a
bandwidth-hogging app, aggressive adware or even malware, it would
be interesting to know if they are doing more than what they are
supposed to and if your personal information is exposed. Is there
really a way to automatically evaluate all your apps even hundreds
of them to harvest their behavioral data, analyze their run
pattern, and at the same time provide an interface to facilitate a
vast majority of evolving security tests with most practical
solutions?Android Security Evaluation Framework (ASEF) performs
this analysis while alerting you about other possible issues. It
will make you aware of unusual activities of your apps, will expose
vulnerable components and help narrow down suspicious apps for
further manual research.ASEF is an Open Source tool for scanning
Android Devices for security evaluation. Users will gain access to
security aspects of android apps by using this tool with its
default settingsAndroguardReverse engineering, Malware and goodware
analysis of Android applications and moreFeatures: Map and
manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects,
Diassemble/Decompilation/Modification of DEX/ODEX/APK format,
Decompilation with the first native (directly from dalvik bytecodes
to java source codes) dalvik decompiler (DAD), Access to the
staticanalysisof the code (basic blocks, instructions, permissions
(with database fromhttp://www.android-permissions.org/) ) and
create your own static analysis tool, Analysis a bunch of android
apps, Analysis with ipython/Sublime Text Editor, Diffingof android
applications, Measurethe efficiency of obfuscators (proguard, ),
Determineif your application has been pirated
(plagiarism/similarities/rip-off indicator), Check if an android
application ispresentin a database (malwares, goodwares ?), Open
sourcedatabaseof android malware (this opensource database is done
on my free time, of course my free time is limited, so if you want
to help, you are welcome !), Detection of ad/open source librairies
(WIP), Risk indicator of malicious application, Reverseengineering
of applications (goodwares, malwares), TransformAndroids binary xml
(likeAndroidManifest.xml) into classic xml, Visualizeyour
application withgephi(gexf format), or withcytoscape(xgmml format),
or PNG/DOT output, Integration with external decompilers
(JAD+dex2jar/DED/) .RevenssisNicknamed as the Smartphone Version of
Backtrack, Revenssis Penetration Suite is a set of all the useful
types of tools used in Computer and Web Application security. Tools
available in it include: Web App scanners, Encode/Decode &
Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the
must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port
Scanner, Spam DB Lookup, Netstat etc). All these fitting in an
application approx. 10MB (post installation).Features All Web
Vulnerability Scanners including: SQL injection scanner XSS scanner
DDOS scanner CSRF scanner SSL misconfiguration scanner Remote and
Local File Inclusion (RFI/LFI) scanners Useful utilities such as:
WHOIS lookup, IP finder, Shell, SSH, Blacklist lookup tool, Ping
tool, Forensic tools (in imlementation) such as malware analyzers,
hash crackers, network sniffer, ZIP/RAR password finder, social
engineering toolset, reverse engineering tool Vulnerability
research lab (sources include: Shodan vulnerability search engine,
ExploitSearch, Exploit DB, OSVDB and NVD NIST Self scan and Defence
tools for your Android phone against vulnerabilities Connectivity
Security Tools for Bluetooth, Wifi and Internet. (NFC, Wifi Direct
and USB in implementation)SPF Smartphone Pentest FrameworkThe
product of a DARPA Cyber Fast Track grant, the Smartphone Pentest
Framework is an open source security tool, designed to aid in
assessing the security posture of smartphones in an environment.
SPF Version 0.1 contains remote attacks, client side attacks,
social engineering attacks, and post exploitation, targeting
smartphone devices.BugtroidBugtroid is an innovative tool developed
by the team of Bugtraq-Team. The main features of this apk, is that
it has more than 200 Android and Linux tools (PRO) for pentesting
and forensics through smarthphone or tablet.OWASP Droid FusionOWASP
Droid Fusionis a platform for android mobile or any other mobile
for doing Malware Analysis, Development, Application Pentesting and
Forensics. You can use it in any mobile security research, and if
you have Droid Fusion, you dont need to worry about finding tools.
There are more then 60 tools and scripts and it is free.
sniffers encontrados Android:
IOS:
