this tool allow admin proof test how can the firewall efficiency handle bad user in local network.
By one click from your hand you can test cut any network connection between internet gateway and
devices in your local network remotely.
This is simple technical how can this application work (you can skip it if you don't understand network
- Every LAN connectable devices have one unique number called MAC Address
-Ehen the device want to communicate with another device they need 2 things,IP Address and MAC Address.
- The device only know destination IP Address(Ex: gateway) but not for Mac Address, it maybe change when that device
reconnect and get new IP that mean you can't static fix this pair of IP and MAC address together.
- Only way to get destination MAC Address is request, the device send ask request command to every devices some thing like this
"Hey! , IP 192.168.1.1 what is your MAC Address?"
- Every devices received this request but not answer except the device who carry ip 192.168.1.1,
this is response "OK, my IP 192.168.1.1 and Mac Address is 12:82:FA:22..." this response not for all, he just only reply to asker.
- when asker received response, they pair IP and MAC together and start communication
- If they ask every time when they want to communicate that make a lot of traffic, so the device
must be cache the pair for a while (Ex: 5 min)
it's look well algorithm to solve this problem but something wrong.
this implement in low level network communication so they miss some check of replier that can make this algorithm weak.
Netcut using vulnerability of implementation send reply command without request to victim the make victim cache wrong
IP and MAC Address. that make they lost connection.
This Application create for testing Network Security only.
If you use for others purpose that mean, it's your own responsibility to deal with the effect.
Developer Will NOT response to all harm that user or application make.
This application develop under GNU General Public License version 3 ,From original version of dsploit.
So you can redistribute, modify under GPLv3.
Source code available here : http://www.comdet.com/Netcut.zip
Distributed form :
If you turn on your WiFi radio, this app will turn it off before you have a chance to connect to a potentially malicous network.
Going to DefCon? Install this app and avoid being phwned!
*Works in Android >1.5
Get "Wireless Killer" to kill Bluetooth (for Android >2.1)
keywords: disable wifi, prevent wireless
Detects and protects from all kinds of ARP (Address Resolution Protocol) related attacks in Wi-Fi networks, like DOS (Denial Of Service) or MITM (Man In The Middle).
Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning.
Don't allow such tools to break your privacy and steal your data. You can defend yourself with a single app.
Allows secure usage of Facebook, Twitter, LinkedIn, Live.com, eBay ...
WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root, all other features work without root access.
- No configuration required, works off the shelf for novices
- Experts can change many settings to adapt the app to their needs
- Undetectable by the bad guy
- 100% silent and passive inside the network. Generates no noise
- Highly customizable notifications
- Plays ringtone on attack (optional)
- Vibrates in a given pattern on attack (optional)
- Easy to use one-click-interface as well as detailed network view for experts
- "Immunity" protects you without disabling Wi-Fi (root required)
- Can also disable Wi-Fi if you don't have root access to your phone
- Logging of all spoofing attempts with details about the network and the attacker
- Works in complex wireless LANs, like vWLAN and WDS (please see FAQ)
- Detects networks already under attack
- Automatic countermeasures
- Uses very few resources
- Uses no resources if Wi-Fi is disabled
- Nearly zero battery consumption
- Requires very few permissions. Requests only absolutely necessary permissions
Q: What is the ARP cache?
A: The ARP cache is a temporary storage on your phone that holds pairs of IP and MAC addresses that belong together.
Q: What is ARP cache poisoning?
A: ARP cache poisoning is a method to inject false information into your phone's ARP cache by sending forged packets to the (Wifi) network.
Q: What is DOS attack (Denial Of Service) through ARP cache poisoning?
A: An attacker changes the ARP cache on your phone in a way that invalid MAC addresses are associated with certain IP addresses. Very popular is to inject a false MAC address for the default gateway of your phone. This is an effective way to prevent your phone from accessing the internet. The attack is very lightweight, so a single attacker can disturb large networks. With Wifi Protector on a rooted phone you are immune to this kind of attack.
Q: What is MITM attack (Man In The Middle) through ARP cache poisoning?
A: Like in DOS attacks an attacker changes the MAC address of your phone's default gateway in your phone's ARP cache. Instead of injecting an invalid MAC address he places the MAC address of his own device into the cache. If possible, he also poisons the ARP cache of the default gateway in the Wifi network and changes the MAC address associated with your phone's IP address in the gateway's ARP cache. If the default gateway is vulnerable, the attacker has established a full-routing MITM. He can now read and change everything you send and receive over the network, in some special cases even if you use encryption. If the default gateway is not vulnerable, the attacker has established a half-routing MITM. He can then read and change everything you send, but not the data you receive. With Wifi Protector on a rooted phone you are immune against half-routing and - to some extent - against full-routing MITM. In the full-routing MITM scenario Wifi Protector prevents the attacker to read and change everything you send, but not the data to receive. In any cases you get an alarm.
For questions, suggestions, feature requests, feel free to visit the forum.
ROOT is Required!
There are can be issues in program with destroyed phone as result, use with caution.
It is simple, 'lite-script' program for copying files to system folder. It can be useful for applying system patches without recovery mode, or by adding system applications to device.
Also, you can make backup of files before copying for later restoring.
To use program, you should create at SD card 'devastator' folder, package name folder and put files with correct structure into it.
E.g. Camera fix (test sample):
1. Create next folder structure /sdcard/devastator/Camera_fix/system/etc/
2. Put correct mot_ise_imager_cfg.bin file here
3. Run Devastator, press 'Reverse copy (backup)' button, to make backup
4. Press 'Copy Files to Phone' to update file.
A lot of files with serious folder structure can be used.
Also, for removing files (used for backups) used special syntax: to file added '.del' extension. You can create such files manually, to remove some system files.
TaskKill does not operate on its own, and requires either Tasker, or Locale
Taskkill does not specifically require root, but it is recommended.
**IMPORTANT: Make sure you have tasker (or Llama) enabled in the Accessibilty settings of Android.
The following options are
* Simple: (Does not need root) Asks the target app to quit. Does not force the matter at all.
* Advanced: (Requires Root) Kills the PID of the target app. Apps with background processes may startup again.
* Extreme: (Requires Root And ICS+) Recommended method. This kills the target app using the same method as going to the app under settings and clicking "Force Close"
* Hardcore: (Requires Root) Only use as a last resort. This kills the target app by disabling its package and re-enabling it.
**WARNING Hardcore may remove shortcuts from the homescreen.
Thanks to daweefolk & unkmar for testing.
iP üzerinden bağlanan kullanıcıları uzaklaştırarak hem internetinizin hızına hız katın ve zamandan tasarruf edin.
NOT: Uygulamayı kullanmak için root erişim izni gerekmektedir.
WifiKill Pro İndirme Aracı yayında hemen indirin!
Switch ADB over USB and over Wifi.
feature is below.
- When change to over Wifi, you can set timeout. If expire, get back to over USB.
- You can change ADB TCP port.
Test for only below.
- Galaxy Nexus
- xperia arc
- REGZA Phone T-01C (thanks for reporting!)
If does not work on your phone, please send bug report!
IT IS JUST A LIST, DON'T EXPECT ANYTHING MORE THAN THAT (sorry for all caps, but some people expect matrix meets mission impossible... and give a bad rating when their expectations are not met :) )
Please read the description...
Penetration test is used to test security of something. (if that something passes penetration test, there is a higher chance that hacker cant hack into it)
Apps are sorted with Tags.
Links to Apps on the Play Store.
Links to Apps that are NOT on the Play Store
Links to Source Code of Open Source Apps
Links to App websites.
Links to Google the name of the App or App Package.
Alternative Links to PlayStore and PlayStore Website (just in case someone likes to have those) Some apps are not on the play store, so those links wont work on the Google Play Store, but might work on other Stores (for example Aptoide).
Because there are not many pentest apps for android, there are also some useful apps for network administrators, system administrators, geeks and more :)
Tools will be as soon as i find some. if you found some app that is not there, or have any ideas on how can i make this app better, just hit me up on email.
This app requires permission to access the internet, because this app is actually a browser that is showing my website. (all the info about apps and app links are on that website)
Keywords: network net internet system sys linux pen penetration pentest test testing vulnerability programming hack hacking hacker intrusion security sec protection scanner analyzer anonymous protocol address ip
several famous separate tools and more over offers a good and unique alternative of Wireshark for android.
The main features are:
* network discovery with OS detection
* network traffic analysis
* passwords recovery
* files recovery
WARNING! If you face any problems reinstall busybox and supersu!
Runs on Android >=2.3.3 with root+busybox
Looks better on high resolution, but completely comfortable on 480x720.
Busybox is needed by several root apps and is a powerful utility. Learn more about busybox at http://busybox.net/
☆ Latest version of busybox included
☆ Advanced installer
☆ Scripter to create and run your scripts
☆ Check for new versions automatically (don't need to update the app)
☆ View a list of applets and their usage
☆ Delete busybox from your system
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins; however, the options that are included provide the expected functionality and behave very much like their GNU counterparts. BusyBox provides a fairly complete environment for any small or embedded system.
BusyBox has been written with size-optimization and limited resources in mind. It is also extremely modular so you can easily include or exclude commands (or features) at compile time. This makes it easy to customize your embedded systems. To create a working system, just add some device nodes in /dev, a few configuration files in /etc, and a Linux kernel.
BusyBox is maintained by Denys Vlasenko, and licensed under the GNU GENERAL PUBLIC LICENSE version 2.
Busybox Installer is open source under GNU license. Improvements and feedback is welcome.
Developed by: JRummy Apps Inc.
Fast and accurate, Fing is a professional App for network analysis. A simple and intuitive interface helps you evaluate security levels, detect intruders and resolve network issues.
+ Discovers all devices connected to a Wi-Fi network. Unlimited devices and unlimited networks, for free!
+ Displays MAC Address and device manufacturer.
+ Enter your own names, icons, notes and location
+ Full search by IP, MAC, Name, Vendor and Notes
+ History of all discovered networks.
+ Share via Twitter, Facebook, Message and E-mail
+ Service Scan: Find hundreds of open ports in a few seconds.
+ Wake On LAN: Switch on your devices from your mobile or tablet!
+ Ping and traceroute: Understand your network performances.
+ Automatic DNS lookup and reverse lookup
+ Checks the availability of Internet connection
+ Works also with hosts outside your local network
+ Tracks when a device has gone online or offline
+ Launch Apps for specific ports, such as Browser, SSH, FTP
+ Displays NetBIOS names and properties
+ Displays Bonjour info and properties
+ Supports identification by IP address for bridged networks
+ Sort by IP, MAC, Name, Vendor, State, Last Change.
+ Free of charge, no banner Ads
+ Available for iPhone, iPad and iPod Touch with retina and standard displays.
+ Integrates with Fingbox to sync and backup your customizations, merge networks with multiple access points, monitor remote networks via Fingbox Sentinels, get notifications of changes, and much more.
+ Fing is available on several other platforms, including Windows, OS X and Linux. Check them out!
If you don't have dSploit, grab it from http://dsploit.net
NOTE: THIS APP HAS SIMILAR REQUIREMENTS TO dSploit
- Your phone must be rooted
- You must have Gingerbread+ (2.3+)
Share your scripts!
- Download scripts created by others.
- Submit your own!
This app is open source and licensed under GPL v3.
You can browse the code here: http://github.com/jkush321/dsploitscripts
The scripts this app downloads are licensed under the MIT License.
You can browse the repository here: http://github.com/infacraft/dsploitscriptsrepo
WiFinspect is a multi-tool intended for Computer Security professionals and other advanced users that wish to monitor the networks they own or have permission, i.e. the app is a security audit tool and not a hacking tool. The functions include:
* Network Information
* UPnP Device Scanner
* Host Discovery
* Network Sniffer
* Pcap Analyzer (three options)
* PCI DSS Menu
- Access Point Default Password Test (requirement 2.1.1.c)
- Access Point Security Test (requirement 4.1.1)
- Access Point Scanner (requirement 11.1)
- Internal Network Vulnerability Scanner (requirement 11.2.1)
- External Network Vulnerability Scanner (preparation for requirement 11.2.2)
* Host Information
* Port Scan
* Host Vulnerability Scan
This app is a student dissertation by Andreas Hadjittofis as part of his MSc in Computer Security at the University of Birmingham. The project is supervised by Dr Tom Chothia. The developers of this app cannot be held responsible for how this app is being used. The app comes with no guarantees.
* Based on your reports, Nmap WILL NOT WORK on devices running Android 2.1 and 2.2. You will get the "Some binaries could not be installed" error message and will be presented with the non-root mode. If you are using a newer Android version, please email me.
* Network Information (ROOT): Information about the connected network like MAC and IP addresses, gateway etc
* UPnP Device Scanner: Lists all UPnP devices on the network that are within the view of your device
* Host discovery (ROOT): Uses nmap to discover all devices on the network that are within the view of your device
* Network Sniffer (ROOT): Uses tcpdump to sniff on all packets that are within the view of your device. The resulting pcap files can be analyzed with Wireshark or the built-in Pcap Analyzer
* Pcap Analyzer: Uses jNetPcap to parse a pcap file. Three options: Packet Distribution, Bandwidth Distribution or Communicating Hosts analysis
* Access Point Default Password Test: Checks a pre-set list of default router passwords against your router’s control panel and notifies you if your router is using a default password
* Access Point Security Test: Displays the access points that are within the view of your device with a note whether they are secure (WPA/WPA2) or not (WEP or unlocked)
* Access Point Scanner: Displays the access points that are within the view of your device
* Internal Vulnerability Scanner (ROOT): Uses nmap to find all devices on the network that are within the view of your device. A note is given whether exploits exists for a given device based on its operating system and open ports
* External Vulnerability Scanner (ROOT): Runs Host Information, Port Scan, Host Vulnerability Scan, Traceroute, Ping or Sniffer functions on a given IP address or hostname
* Host Information (ROOT): Uses nmap to retrieve the device’s hostname, MAC address, vendor, operating system, device name and workgroup
* Port Scan (ROOT): Uses nmap to retrieve the device’s open ports. Click on a port to view the Metasploit results for the device's operating system and port
* Host Vulnerability Scanner (ROOT): Uses nmap to retrieve information about the host along with a note stating whether exploits exists for the device based on its operating system and open ports
* Traceroute (ROOT): Uses nmap to traceroute to a host
* Ping (ROOT): Uses nping to ping a host
* ACCESS_WIFI_STATE, CHANGE_WIFI_STATE, ACCESS_NETWORK_STATE: Used to determine if the device is connected to a Wi-Fi network and to retrieve the data displayed in Network Information function
* CHANGE_WIFI_MULTICAST_STATE: Used by the UPnP Device Scanner function
* INTERNET: Used to retrieve the device’s external IP address in Network Information function, for Metasploit search, and for the optional error reporting.
* WRITE_EXTERNAL_STORAGE: Used to store the nmap and pcap files
Root required for this application!
The fastest, most trusted, and #1 BusyBox installer and uninstaller!
Over 10 million installs and over 50,000 5 Star ratings!
Support for arm and intel based devices, mips support coming soon. (I need a mips device)
Mentioned in the new XDA-Developers book "XDA Developers' Android Hacker's Toolkit: The Complete Guide to Rooting, ROMs and Theming"
Winner of best Utility Software award for Android via Handster.
This is the only installer that is ad free and requires no internet permission!
The source for this application can be found here: https://code.google.com/p/busybox-android/
Featured on the BusyBox website at: http://busybox.net/products.html
The BusyBox source code can be found here: http://git.busybox.net/busybox/
A must have for any rooted phone! Almost EVERY rooted applications needs BusyBox to perform their magic, if you have a rooted phone then you need BusyBox.
Pro version contains Backup feature (for safer installs), uninstall feature, Advance Smart install feature, the ability to hand pick the applets you want, safety check for missing applets on start, and better overall support. The pro version will receive more frequent updates than the free version will.
Please note I did not write BusyBox! I wrote this installer and cross compiled BusyBox for Android. Please see the about menu option for more details or here: www.BusyBox.net
BusyBox is a software application that provides many standard Unix tools, much like the larger (but more capable) GNU Core Utilities. BusyBox is designed to be a small executable for use with the Linux kernel, which makes it ideal for use with embedded devices. It has been self-dubbed "The Swiss Army Knife of Embedded Linux".
Leave this installed if you always want to get the latest version of busybox!
Retailers, crooks, the government, and others shady individuals are tracking your movements. Even when your Wi-Fi is turned off, your phone may be broadcasting information to whomever is in range which can be used both to track repeated visits to as well as your exact movements in an area under surveillance.
It's not a big step to couple this to personal information - a retailer for example, could track your trip to the register and correlate with your payment information. Now the tracking hardware and software vendors, the store (or chain) owner, their business partners, they can now all track where you are every time you come into range of one of their systems, and fully profile who you are, what you do, your financials, and your daily patterns!
That is just one example, but there are many uses for tracking you. Make no mistake, this is happening in the real world today.
One solution is shutting off Wi-Fi completely (including the background network scanning, a setting most people don't know about), but you would lose benefits like automatically connecting to known Wi-Fi networks and improved location awareness for your apps. It also does nothing to help the situation for others.
Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. While you are not connected to a Wi-Fi network, the MAC address will constantly be pseudo-randomized, following a pattern that still makes the trackers think you are a real person, but they will not encounter your MAC address again. This will slowly poison their tracking database with useless information.
When you do connect to a Wi-Fi network, unless you specify otherwise, your MAC address will also be randomized - the same MAC address will not be used the next time you connect to this or any other network.
Though of course the companies involved with these trackers claim they wouldn't use the data maliciously, the possibility is there, and we all know that if something can be abused, ultimately it will be. There do not appear to be any laws against these practices yet, nor is it likely Wi-Fi will be redesigned any time soon to get rid of the information leaks.
But we can make an effort to reduce the usefulness of the tracking data for the exploiters. Pry-Fi comes with a War mode, which when enabled tries to make your Android device appear like dozens of people. Just wandering around an area under Wi-Fi location surveillance for a few minutes can ruin the tracking data for the period of your stay.
Proof of Concept
This is proof-of-concept code, and how for it will go in the future depends on interest and how well it works. It has been tested on several devices and seems to work, but it is very young still. The magic the app does to achieve its purpose is ever subject to changing Android security policies and OEM customizations, so even though it works now, there really is no saying if it will still be possible in future firmwares.
Of course you should also keep in mind that tracking can be done in many ways, and these W-Fi signals are far from the only method in use.
Further details, device compatibility information, FAQ, discussion, etc is all available on XDA-Developers.com here: