WiFinspect is a multi-tool intended for Computer Security professionals and other advanced users that wish to monitor the networks they own or have permission, i.e. the app is a security audit tool and not a hacking tool. The functions include:
* Network Information
* UPnP Device Scanner
* Host Discovery
* Network Sniffer
* Pcap Analyzer (three options)
* PCI DSS Menu
- Access Point Default Password Test (requirement 2.1.1.c)
- Access Point Security Test (requirement 4.1.1)
- Access Point Scanner (requirement 11.1)
- Internal Network Vulnerability Scanner (requirement 11.2.1)
- External Network Vulnerability Scanner (preparation for requirement 11.2.2)
* Host Information
* Port Scan
* Host Vulnerability Scan
This app is a student dissertation by Andreas Hadjittofis as part of his MSc in Computer Security at the University of Birmingham. The project is supervised by Dr Tom Chothia. The developers of this app cannot be held responsible for how this app is being used. The app comes with no guarantees.
* Based on your reports, Nmap WILL NOT WORK on devices running Android 2.1 and 2.2. You will get the "Some binaries could not be installed" error message and will be presented with the non-root mode. If you are using a newer Android version, please email me.
* Network Information (ROOT): Information about the connected network like MAC and IP addresses, gateway etc
* UPnP Device Scanner: Lists all UPnP devices on the network that are within the view of your device
* Host discovery (ROOT): Uses nmap to discover all devices on the network that are within the view of your device
* Network Sniffer (ROOT): Uses tcpdump to sniff on all packets that are within the view of your device. The resulting pcap files can be analyzed with Wireshark or the built-in Pcap Analyzer
* Pcap Analyzer: Uses jNetPcap to parse a pcap file. Three options: Packet Distribution, Bandwidth Distribution or Communicating Hosts analysis
* Access Point Default Password Test: Checks a pre-set list of default router passwords against your router’s control panel and notifies you if your router is using a default password
* Access Point Security Test: Displays the access points that are within the view of your device with a note whether they are secure (WPA/WPA2) or not (WEP or unlocked)
* Access Point Scanner: Displays the access points that are within the view of your device
* Internal Vulnerability Scanner (ROOT): Uses nmap to find all devices on the network that are within the view of your device. A note is given whether exploits exists for a given device based on its operating system and open ports
* External Vulnerability Scanner (ROOT): Runs Host Information, Port Scan, Host Vulnerability Scan, Traceroute, Ping or Sniffer functions on a given IP address or hostname
* Host Information (ROOT): Uses nmap to retrieve the device’s hostname, MAC address, vendor, operating system, device name and workgroup
* Port Scan (ROOT): Uses nmap to retrieve the device’s open ports. Click on a port to view the Metasploit results for the device's operating system and port
* Host Vulnerability Scanner (ROOT): Uses nmap to retrieve information about the host along with a note stating whether exploits exists for the device based on its operating system and open ports
* Traceroute (ROOT): Uses nmap to traceroute to a host
* Ping (ROOT): Uses nping to ping a host
* ACCESS_WIFI_STATE, CHANGE_WIFI_STATE, ACCESS_NETWORK_STATE: Used to determine if the device is connected to a Wi-Fi network and to retrieve the data displayed in Network Information function
* CHANGE_WIFI_MULTICAST_STATE: Used by the UPnP Device Scanner function
* INTERNET: Used to retrieve the device’s external IP address in Network Information function, for Metasploit search, and for the optional error reporting.
* WRITE_EXTERNAL_STORAGE: Used to store the nmap and pcap files
If you don't have dSploit, grab it from http://dsploit.net
NOTE: THIS APP HAS SIMILAR REQUIREMENTS TO dSploit
- Your phone must be rooted
- You must have Gingerbread+ (2.3+)
Share your scripts!
- Download scripts created by others.
- Submit your own!
This app is open source and licensed under GPL v3.
You can browse the code here: http://github.com/jkush321/dsploitscripts
The scripts this app downloads are licensed under the MIT License.
You can browse the repository here: http://github.com/infacraft/dsploitscriptsrepo
- The first box is local IP, which is the IP address that the iphone will receive from either the mobile or WIFI network.
- Then the public IP, which is the IP address that the iphone presents to the outside world. It can be the same as the cellular IP, Wifi IP or an entirely different address depending on whether your cellphone provider or WIFI network uses NAT.
- The IMEI will be available if its a phone device.
- The final box is your device's WIFI MAC address.
### Please do not download if you do not have a fully working monitor wireless device ###
Droid Dump is a gui for famous wireless auditing tool airodump-ng.
1. Rooted device
2. Wireless network in monitor mode ( you will only be able to select a wireless interface in monitor mode in settings)
3. SDcard ( for saving captured packets)
1. Basic Airodumping
2. Filter by BSSID
3. Filter by Channel
4. Filter by Encryption
5. Save capture file (requires SD card saved in DroidDump folder)
6. Copy BSSID, Client Mac
1. Fake Auth ( will require another app)
2. DeAuth client( will require another app)
3. DeAuth all clients ( will require another app)
for galaxy note 2 users can grab a supported kernel, modules and more from
cyanogen based rom http://goo.gl/QRAKY
stock rom http://goo.gl/fgd63
please install airmon to put your device in monitor mode http://goo.gl/Wv3LA
Busybox is needed by several root apps and is a powerful utility. Learn more about busybox at http://busybox.net/
☆ Latest version of busybox included
☆ Advanced installer
☆ Scripter to create and run your scripts
☆ Check for new versions automatically (don't need to update the app)
☆ View a list of applets and their usage
☆ Delete busybox from your system
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins; however, the options that are included provide the expected functionality and behave very much like their GNU counterparts. BusyBox provides a fairly complete environment for any small or embedded system.
BusyBox has been written with size-optimization and limited resources in mind. It is also extremely modular so you can easily include or exclude commands (or features) at compile time. This makes it easy to customize your embedded systems. To create a working system, just add some device nodes in /dev, a few configuration files in /etc, and a Linux kernel.
BusyBox is maintained by Denys Vlasenko, and licensed under the GNU GENERAL PUBLIC LICENSE version 2.
Busybox Installer is open source under GNU license. Improvements and feedback is welcome.
Developed by: JRummy Apps Inc.
Sourcecode is available on GitHub: https://github.com/muodov/sqlmapchik
Note that Google Play version may not include the latest available sqlmap version. To build a cutting-edge package, see instructions on GitHub
NOTE: The very first launch will take some time for the files need to be unpacked.
Project is currently in beta (I suppose it will always be as sqlmap is constantly evolving :)
At this point, not all of sqlmap features are supported. Here is what doesn't work for sure:
* sqlmap API
* log colorizing
* beeping :)
* user-defined function injection
* metasploit integration
Other features _should_ work. If you find an issue (I bet you will:), don't hesitate to report it on Github, by email, Twitter, pidgin mail etc.
* sqlmap homepage: http://sqlmap.org
* my twitter: [@muodov](https://twitter.com/muodov)
It supports 3G, protocol recognition, and many other features.
If you don't understand how to use it, just send me an email, I'll explain it more precisely.
Features are lacking currently. Though currently there is support for a Full GPS data dump, along with live GPS data monitoring!
Note: NO LOCATION DATA IS STORED ANYWHERE!
Please note that external hardware (i.e., a USB Sniffer accessory/device) is required to actually capture frames. However, application features can be tried out using the test mode.
* Capture 802.15.4 frames (by using a sniffer 15.4 accessory/device).
* Display captured frames.
* Filtering (by frame type, source address, destination address, and payload).
* Store captured frames on phone memory for future display.
* Export captured frames to PCAP format (Wireshark compatible).
* Live forwarding to an arbitrary IP address using the Zigbee Encapsulation Protocol (ZEP).
* Test mode (to try out application functionality without a sniffer 15.4 accessory/device).
To actually sniff packets you can use the following hardware:
- A Tmote Sky (a.k.a TelosB) configured as a sniffer 15.4 device; or
- A SEED-EYE board configured as a sniffer 15.4 accessory
In general, the SEED-EYE board should work on every Android device (3.1+), while the Tmote Sky works only on Android devices supporting the USB host mode (e.g., the Samsung Galaxy Nexus).
* Nexus S (Tmote sky *not* supported, you must use a SEED-EYE board)
* Galaxy Nexus
More info can be found at http://rtn.sssup.it/index.php/software/sniffer-154
- Daniele Alessandrelli
- Andrea Azzarà
PS: for reporting problems, bug, comments, etc, please send an e-mail to firstname.lastname@example.org. Thanks!
The free version includes the following features:
- 1, 2, 4, and 8 word modes allows working with values up to 64 bits in length.
- Allows chaining multiple operations together.
- Supports logical and arithmetic shift operations.
- Supports NOT, AND, OR, and XOR operations.
- Provides base-16, base-10, and two’s compliment signed base-10 interpretations of binary values.
- Works in both landscape and portrait modes.
- Saves your calculations automatically when you exit.
In the future Bit Fiddler will add the following features as part of updates to the all versions of the app:
- Big-endian mode and little/big endian conversion operations.
- Support for a floating point interpretation like IEEE 754.
- Support for character interpretations like UTF-8, ASCII, and Unicode.
- French and German (when I can find someone to translate strings for me).
- Size settings to make the app more usable for people with poor eyesight.
- Wikipedia integration to provide quick access to articles on binary standards and operations.
- Bug fixes (of course).
A planned "pro" version will add the following features:
- Support for 16 word (128 bit) values
- Circular shift operations.
- Support for fixed float interpretations.
- Saving and loading calculations to files.
- Definition of variables for easy insertion of values (e.g. "MY_BITMASK_HEX_VALUE=0xFFFF").
Current distros include Ubuntu, Debian, Fedora, ArchLinux, Kali Linux, openSUSE and more coming soon!
* Kernel that supports loop devices (see http://linuxonandroid.org/working-devices/ for known working kernels and ROMs)
* Armv7 processor (Debian does work on Armv6 but other distros do not)
* As much free RAM as possible (you are after all installing a desktop OS)
--------------------Included in the app--------------------
* Installer for Ubuntu 13.04, 13.10, Debian 5 and 8, Kali Linux, Fedora 19, Arch Linux
* All future Linux distros I support
* Boot widget
* Linux Launcher
* Both Torrent and Normal download options
--------------------Need Help or more Info? --------------------
We offer a range of support channels to make sure all users get the help they need, please do not rate the app low if you have not tried to get support, what makes us different to other projects is we try VERY hard to give support to all users. The following methods are avaible:
*Wiki with FAQ and other useful pages https://sourceforge.net/p/linuxonandroid/wiki/Home/
*Live Chat via IRC http://linuxonandroid.org/irc/ (or #linuxonandroid-help on freenode)
*Forum support via http://forum.linuxonandroid.org/
*And Email support via email@example.com
IT IS JUST A LIST, DON'T EXPECT ANYTHING MORE THAN THAT (sorry for all caps, but some people expect matrix meets mission impossible... and give a bad rating when their expectations are not met :) )
Please read the description...
Penetration test is used to test security of something. (if that something passes penetration test, there is a higher chance that hacker cant hack into it)
Apps are sorted with Tags.
Links to Apps on the Play Store.
Links to Apps that are NOT on the Play Store
Links to Source Code of Open Source Apps
Links to App websites.
Links to Google the name of the App or App Package.
Alternative Links to PlayStore and PlayStore Website (just in case someone likes to have those) Some apps are not on the play store, so those links wont work on the Google Play Store, but might work on other Stores (for example Aptoide).
Because there are not many pentest apps for android, there are also some useful apps for network administrators, system administrators, geeks and more :)
Tools will be as soon as i find some. if you found some app that is not there, or have any ideas on how can i make this app better, just hit me up on email.
This app requires permission to access the internet, because this app is actually a browser that is showing my website. (all the info about apps and app links are on that website)
Keywords: network net internet system sys linux pen penetration pentest test testing vulnerability programming hack hacking hacker intrusion security sec protection scanner analyzer anonymous protocol address ip
several famous separate tools and more over offers a good and unique alternative of Wireshark for android.
The main features are:
* network discovery with OS detection
* network traffic analysis
* passwords recovery
* files recovery
WARNING! If you face any problems reinstall busybox and supersu!
Runs on Android >=2.3.3 with root+busybox
Looks better on high resolution, but completely comfortable on 480x720.
Retailers, crooks, the government, and others shady individuals are tracking your movements. Even when your Wi-Fi is turned off, your phone may be broadcasting information to whomever is in range which can be used both to track repeated visits to as well as your exact movements in an area under surveillance.
It's not a big step to couple this to personal information - a retailer for example, could track your trip to the register and correlate with your payment information. Now the tracking hardware and software vendors, the store (or chain) owner, their business partners, they can now all track where you are every time you come into range of one of their systems, and fully profile who you are, what you do, your financials, and your daily patterns!
That is just one example, but there are many uses for tracking you. Make no mistake, this is happening in the real world today.
One solution is shutting off Wi-Fi completely (including the background network scanning, a setting most people don't know about), but you would lose benefits like automatically connecting to known Wi-Fi networks and improved location awareness for your apps. It also does nothing to help the situation for others.
Pry-Fi will prevent your device from announcing all the networks it knows to the outside world, but it will still allow background scanning and automatically connecting to Wi-Fi networks. While you are not connected to a Wi-Fi network, the MAC address will constantly be pseudo-randomized, following a pattern that still makes the trackers think you are a real person, but they will not encounter your MAC address again. This will slowly poison their tracking database with useless information.
When you do connect to a Wi-Fi network, unless you specify otherwise, your MAC address will also be randomized - the same MAC address will not be used the next time you connect to this or any other network.
Though of course the companies involved with these trackers claim they wouldn't use the data maliciously, the possibility is there, and we all know that if something can be abused, ultimately it will be. There do not appear to be any laws against these practices yet, nor is it likely Wi-Fi will be redesigned any time soon to get rid of the information leaks.
But we can make an effort to reduce the usefulness of the tracking data for the exploiters. Pry-Fi comes with a War mode, which when enabled tries to make your Android device appear like dozens of people. Just wandering around an area under Wi-Fi location surveillance for a few minutes can ruin the tracking data for the period of your stay.
Proof of Concept
This is proof-of-concept code, and how for it will go in the future depends on interest and how well it works. It has been tested on several devices and seems to work, but it is very young still. The magic the app does to achieve its purpose is ever subject to changing Android security policies and OEM customizations, so even though it works now, there really is no saying if it will still be possible in future firmwares.
Of course you should also keep in mind that tracking can be done in many ways, and these W-Fi signals are far from the only method in use.
Further details, device compatibility information, FAQ, discussion, etc is all available on XDA-Developers.com here:
If you are not located inside Greece you can still try your luck with this app but don't be mad if it doesn't work at all in your territory. In case you manage to connect to a network othen than yours you have to inform the owner so that he/she change password.
~ I DO NOT OWN ANY RESPONSIBILITY OF HOW THIS APP MAY BE USED ~
~ THIS IS AN AD SUPPORTED APPLICATION ~