bitShark is a powerful and feature rich packet capture and analysis application for Android
It's like Wireshark for Android!
Please try the Free Trial Version of bitShark before purchasing to test compatibility with your devices
- Realtime view/inspection of incoming packets
- Network packet capture to PCAP file format from any interface (Wifi or Cellular)
- Detailed inspection of a wide range of IP networking protocols
- Supports tcpdump style capture filter syntax
- Ability to open and analyze offline PCAP files
- Built-in file browser for choosing PCAP files to open from anywhere on your device
- Detailed statistical analysis of PCAP files
- Powerful filtering architecture allows user to build complex filtered views of offline data
- Ability to export PCAP stats to PDF
- Ability to export individual packets to separate PCAP file
- Ability to reassemble and save web images from TCP streams
(works with popular apps and mobile sites like Facebook and Instagram!)
IPv4, IPv6, UDP, TCP, HTTP, Web Images, HTML, DNS, mDNS, ICMP, ARP, Ethernet, PPP, SNAP, SLL, 802.3, 802.2, SIP, SDP, VLAN (802.1q), L2TP
Trial Version available for free here:
NOTE: This application requires ROOT permission to capture live packets.
Root is not required for offline viewing and analysis.
If you're having trouble capturing packets (crash after a few seconds of capturing) please try unchecking "Enable Live Indexing" in the Settings menu. A fix for this problem is in the works.
Using this application on Android 4.2 with full device encryption enabled or forcing the app to be moved to external storage may cause instability.
If you're having capture or installation issues please try doing a "Force Reinstall" through the new bitShark Installer activity which can be accessed through the Settings activity. Then force close the app and see if that fixes your problem.
Like bitShark on Facebook:
Follow bitShark on Twitter @bitSharkAndroid
The first tab displays information about connected Wi-Fi network (SSID, BSSID, router manufacturer, connection speed, signal strength, frequency, security options).
Networks tab displays all available Wi-Fi networks and their parameters.
Charts show the changes of strength level and speed of a Wi-Fi connection.
This app works over Wi-Fi or a cell connection.
You can think of it as Zenmap (the PC GUI), but for Android.
It contains nMap 6.25. This is the most up-to-date and feature rich nMap App on the market, give it a try!
nMapper has layouts optimized for both phones and tablets, and supports Android 2.3-4.2 (Gingerbread to Jellybean).
What devices does this work with?
nMap is compiled for ARM devices, if you have an Intel or MIPS device, this app will not work. (Almost everyone has an ARM device, so if you don't know, you're probably safe)
Why is this app so large?
This app includes a ported version of nMap, and upon extraction will use about 30MB total. I'm sorry if this is a problem for some, but that is the size of an Android App + nMap (which is written in C/C++).
WiFinspect is a multi-tool intended for Computer Security professionals and other advanced users that wish to monitor the networks they own or have permission, i.e. the app is a security audit tool and not a hacking tool. The functions include:
* Network Information
* UPnP Device Scanner
* Host Discovery
* Network Sniffer
* Pcap Analyzer (three options)
* PCI DSS (Version 2) Menu
- Access Point Default Password Test (requirement 2.1.1.c)
- Access Point Security Test (requirement 4.1.1)
- Access Point Scanner (requirement 11.1)
- Internal Network Vulnerability Scanner (requirement 11.2.1)
- External Network Vulnerability Scanner (preparation for requirement 11.2.2)
* Host Information
* Port Scan
* Host Vulnerability Scan
This app is a student dissertation by Andreas Hadjittofis as part of his MSc in Computer Security at the University of Birmingham, UK. The project is supervised by Dr Tom Chothia and was released in August 2012. The developers of this app cannot be held responsible for how this app is being used. The app comes with no guarantees.
* Network Information (ROOT): Information about the connected network like MAC and IP addresses, gateway etc
* UPnP Device Scanner: Lists all UPnP devices on the network that are within the view of your device
* Host discovery (ROOT): Uses nmap to discover all devices on the network that are within the view of your device
* Network Sniffer (ROOT): Uses tcpdump to sniff on all packets that are within the view of your device. The resulting pcap files can be analyzed with Wireshark or the built-in Pcap Analyzer
* Pcap Analyzer: Uses jNetPcap to parse a pcap file. Three options: Packet Distribution, Bandwidth Distribution or Communicating Hosts analysis
* Access Point Default Password Test: Checks a pre-set list of default router passwords against your router’s control panel and notifies you if your router is using a default password
* Access Point Security Test: Displays the access points that are within the view of your device with a note whether they are secure (WPA/WPA2) or not (WEP or unlocked)
* Access Point Scanner: Displays the access points that are within the view of your device
* Internal Vulnerability Scanner (ROOT): Uses nmap to find all devices on the network that are within the view of your device. A note is given whether exploits exists for a given device based on its operating system and open ports
* External Vulnerability Scanner (ROOT): Runs Host Information, Port Scan, Host Vulnerability Scan, Traceroute, Ping or Sniffer functions on a given IP address or hostname
* Host Information (ROOT): Uses nmap to retrieve the device’s hostname, MAC address, vendor, operating system, device name and workgroup
* Port Scan (ROOT): Uses nmap to retrieve the device’s open ports. Click on a port to view the Metasploit results for the device's operating system and port
* Host Vulnerability Scanner (ROOT): Uses nmap to retrieve information about the host along with a note stating whether exploits exists for the device based on its operating system and open ports
* Traceroute (ROOT): Uses nmap to traceroute to a host
* Ping (ROOT): Uses nping to ping a host
* ACCESS_WIFI_STATE, CHANGE_WIFI_STATE, ACCESS_NETWORK_STATE: Used to determine if the device is connected to a Wi-Fi network and to retrieve the data displayed in Network Information function
* CHANGE_WIFI_MULTICAST_STATE: Used by the UPnP Device Scanner function
* INTERNET: Used to retrieve the device’s external IP address in Network Information function, for Metasploit search, and for the optional error reporting.
* WRITE_EXTERNAL_STORAGE: Used to store the nmap and pcap files
SileNet will automatically turn off the phone ringer or switch it to vibrate mode when a SileNet Wi-Fi network is detected. The SileNet networks are being used at cinemas, theaters, conference rooms, lecture halls, offices and anywhere that a quiet environment is required in order to maintain a relaxed ambiance.
How to use the application:
Download the free application, switch it on by touching the SileNet logo and then choose Vibrate or Silent mode.
When entering a place with a SileNet network, the phone will automatically switch to silent-vibrate mode in about 15 minutes, and will automatically switch back to ringer mode after leaving the SileNet network area.
If you would like the phone to ignore a SileNet network, choose that network from the list on the second screen. You can always go back and delete an 'ignored network' by choosing it from the list on the third screen and refresh.
Keep the application turned on at all times to enjoy it anywhere you go.
How can the Wi-Fi router work with SileNet?
Simply add the word SileNet to the Wi-Fi router address anywhere you like (For example: Freesilenet, Silenet.room.network, WiFi-Silenet, etc.) Note: The router does not need to be connected to the internet in order for the application to work.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
© Copyright SileNet All rights reserved
Dr Network provides well versed user interfaces for network utilities available in android platform such as Ping, Netcfg, Netstat, Tcpdump,Ifconfig, ARP Cache, IP Routing Table and IP Locator.
The application is intended to work in rooted devices with network connection. Dr Network has potential to make mobile device as network diagnostic tool.
Upgrade of Dr Network app will come up with more useful add-on functionalities. Please check back soon...
Based on the native engine for ARM / x86 (Atom) platforms.
WARNING! Pro version will be useless if you are not an expert.
WARNING! Please first install and test the free demo version.
The application is working implementation of the tool discussed in this research paper "Android phone based appraisal of app behavior on cell networks" (http://dl.acm.org/citation.cfm?id=2593916)
Quantifying an application’s signaling eﬃciency requires information about:
The data packets that were exchanged.
Corresponding RRC state transitions.
Unlike the existing applications and tools, this application neither requires any special hardware, nor retrieves RRC state in an oﬄine manner using a simulator. The functionality of the tool is split into two parts, the Packet Sniffer and the RRC State Logger.
The packet sniﬀer uses C_packetCapture a binary executable of libpcap, built using libpcap source code and Android NDK. The executable is launched in a shell with superuser privileges. The packet sniﬀer enables us to capture all uplink and downlink packets associated with a network interface, and stores the packet timestamp and header information corresponding to IP, UDP, TCP, and ICMP protocols, in a log.text ﬁle.
RRC State Logger
For Retrieving RRC States, we adopt a novel approach to ﬁnd and record the actual RRC state of the device at any given instant. Android Secret codes are required to switch to RRC service mode. The resulting RRC state transitions with timestamp are stored in a dump.txt file on sdcard.Currently we have secret codes for limited samsung devices, though a wide variety of secret codes are available for different manufacturers.
The detailed description of calculating an application's signalling efficiency from the data collected using our app (RRCpacketSniffer) has been described in this paper "Android phone based appraisal of app behavior on cell networks".
Currently the application supports all Samsung devices ranging from Galaxy S to Galaxy S5. We are working on getting support for other brand devices as well. All devices would require root permission.
Copyright (c), Indraprastha Institute of Information Technology Delhi
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice is mentioned and research paper is cited.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
NETWORK SNIFFER WIDGET on 3G and WIFI
** NEED ROOT ACCESS **
** NOT an application, it's a WIDGET **
** NOT based on tcpdump or libpcap **
- Start/Stop easily a capture in one click from your home screen.
- Detects automatically the type of connection.
- Write a PCAP file which may be read with tools such as Wireshark.
- A notification indicates the number of captured packets and the total size in bytes.
- At the end of the capture, PCAP file may be sent by email.
- Help is available on SniffDroid application.
Please report bugs at email@example.com, thanks.
Not that feature rich as Wireshark yet, but it's a powerful debugging tool especially when developing an app.
- Capture network packets and record them.
- SSL decryption using man-in-the-middle technique.
- No root required.
- Easy to use.
- Show packet in either hex or text.
You don't need to setup a dedicated proxy server like mitmproxy, Fiddler or Charles. All you need is just your Android device.
** How to get rid of PIN number **
If you want to get rid of entering PIN number on a lock screen after Packet Capture is uninstalled, it is needed to clear credential storage.
Go to OS Setting->Security->Clear credentials
Captured data are saved as a PCAP file format in the external storage.
If you want a more detailed analysis, please transfer the file to your PC and use the software handles PCAP format(such as Wireshark).
★ Differences between tPacketCapture and tPacketCapture Pro ★
Pro Version include an Application filtering feature.
Application filtering is able to capture only a specific application communication.
Note that sometimes this app will just crash while opening a file. Just try it again and it should work.
If you have any problems or want to request a feature, contact firstname.lastname@example.org
several famous separate tools and more over offers a good and unique alternative of Wireshark for android.
The main features are:
* network discovery with OS detection
* network traffic analysis
* passwords recovery
* files recovery
WARNING! If you face any problems reinstall busybox and supersu!
Runs on Android >=2.3.3 with root+busybox
Looks better on high resolution, but completely comfortable on 480x720.
Please note that external hardware (i.e., a USB Sniffer accessory/device) is required to actually capture frames. However, application features can be tried out using the test mode.
* Capture 802.15.4 frames (by using a sniffer 15.4 accessory/device).
* Display captured frames.
* Filtering (by frame type, source address, destination address, and payload).
* Store captured frames on phone memory for future display.
* Export captured frames to PCAP format (Wireshark compatible).
* Live forwarding to an arbitrary IP address using the Zigbee Encapsulation Protocol (ZEP).
* Test mode (to try out application functionality without a sniffer 15.4 accessory/device).
To actually sniff packets you can use the following hardware:
- A Tmote Sky (a.k.a TelosB) configured as a sniffer 15.4 device; or
- A SEED-EYE board configured as a sniffer 15.4 accessory
In general, the SEED-EYE board should work on every Android device (3.1+), while the Tmote Sky works only on Android devices supporting the USB host mode (e.g., the Samsung Galaxy Nexus).
* Nexus S (Tmote sky *not* supported, you must use a SEED-EYE board)
* Galaxy Nexus
More info can be found at http://rtn.sssup.it/index.php/software/sniffer-154
- Daniele Alessandrelli
- Andrea Azzarà
PS: for reporting problems, bug, comments, etc, please send an e-mail to email@example.com. Thanks!
Nmap will help you to discover hosts, protocols, open ports, services and its configuration and vulnerabilities on networks.
Frontend supports all known Android architectures: arm, mips and x86.
Nmap binaries are transferred using HTTPS by default.
Network Mapper is released under open source license and source is available on GitHub:
Android binary versions of Nmap are built using following port: