One thing I really like about the Android OS is the variety of tools available for penetration testers. I’ve been wanting to share my list with you from some time and I finally got around to do it.
Shark for root / Shark for root (native)
WIFI/3G traffic sniffer.
A passive wifi network monitor that allows your phone to capture network traffic from other devices on open and WEP protected wireless network,
Unofficial port of Nmap for Android
Official port of the Tor network for Android
Database of default login credentials for hundreds of network devices.
Wireless WEP/WPA key generators
These apps generate the default WEP/WPA keys for different routers.
- Router Keygen – Link not available anymore (App could have been removed from Market)
- Penetrate – Link not available anymore (App could have been removed from Market)
- HHG5XX – Supports Huawei HG5XX devices. https://market.android.com/details?id=com.pcalderon.hhg2xxfree
- Wlan4xx – https://market.android.com/details?id=decrypter.wlan4xx.free
Great wardriving application.
A huge advantage of Android having an ARM EABI architechture is that you can run any linux distribution that supports it. Note that you will not be replacing the operative system and the image will run on top of it. You may find different installation instructions according to your model/version:
Running a full Linux distribution will give you access to tools like:
- And many more
Did I miss an application? Feel free to let me know!