We are nearing the age of the Internet of Things. Almost all our devices are connected to the Internet, through which we send so much of sensitive data. Therefore, monitoring and securing these networks is crucial. Android devices provide a convenient and flexible solution for basic penetration testing. As they are Linux devices, rooted Android devices can run almost all the basic commands used in the Linux command line. This helps to perform most of the penetration testing techniques.
The following applications require a rooted Android device with Busybox installed.
1) Fing: Fing is a professional app for network analysis. It lets you monitor networks completely with a simple and intuitive interface that helps you evaluate security levels, detect intruders and resolve network issues. It displays the list of devices connected to a particular network with their MAC addresses. It also offers ping and traceroute to test network performance.
Similar apps: Network Discovery and Net Scan
2) Port Scanner: A port is where information goes into and out of the computer. Scanning ports can identify the open doors to a computer. Therefore scanning ports is vital in managing networks. This app lets you scan ports on a remote host via its IP or domain name so that you can know which ports are open on the host. It supports 3G, protocol recognition, and many other features.
Similar apps: Port Detective and PortDroid for network analysis
3) Interceptor-NG: Packet sniffing is to computer networks what wire tapping is to a telephone network. All network data travels across the Internet, in the form of various data packets. Since the typical user never sees any of this raw data, many spyware systems covertly send sensitive information (like passwords or IP addresses) out of users computers without their knowledge. Interceptor-NG is a multi-function network toolkit that helps you analyse these packets being sent. It offers a good and unique alternative to Wireshark for Android.
Similar apps: Packet Capture and Shark for Root
The following applications were developed as penetration testing tools and are not intended to be used in public networks.
1) ANTI: ANTI (Android Network Toolkit) from Zimperium Mobile Security is perhaps one of the best penetration testing tools for security professionals; at the same time, it is a handy tool for hackers! It offers you the power of Backtrack (Kali) in the palms of your hands. This app can simulate various attacks like MITM (Man-in-the-middle), DoS (Denial-of-service), password cracking and Metasploit. It also has the popular Nmap utility integrated into it.
2) DroidSQLi: On a typical user authentication Web form, when the user name and password are entered into the textbox provided, the values are inserted into a select query. Attackers can use these input boxes to send their own requests to the database and obtain vital information. This is called SQL injection. DroidSQLi is the first automated MySQL injection tool for Android. It allows you to test your MySQL based Web application against SQL injection attacks.
Similar apps: sqlmapchik
3) DroidSheep: On a users first visit to any dynamic website, a session ID is granted, which is basically used to keep track of the users data when the user bounces to different pages in the same website. DroidSheep reads all the packets through a network. It looks at their contents and identifies the users SessionID and uses this as its own SessionID, thus hijacking the users website in a logged-in state.
The following applications help users to stay anonymous on the Internet.
1) Orbot: Weve all used TOR to access blocked social media websites in our college and office Web filters. Orbot is an Android application from the official TOR project that does exactly that. It is the safest way to stay completely anonymous on the Internet, instead of connecting to VPNs and proxies. The app lets you choose which apps need to use TOR. ORWEB is a dedicated TOR browser for Android, also from the TOR project.
2) OpenVPN: OpenVPN is the best VPN client for Android. As the name suggests, it is completely open source. It can be easily configured to run on any port. It only uses a 128-bit encryption key which makes it faster but still, to all intents and purposes, remains uncrackable through brute force, and will remain so for the foreseeable future.