on

Top 12 Best Android Apps for Hackers and Penetration Testers 




Now a days, smart mobile devices is very common. There are many operating system for mobile devices available but the most common and the best operating system for mobile is Android. Android has faced different challenges from hacking application and below is the list of application for android hacking. This Android Apps to Turn Your Smartphone into a Hacking Device

1. SpoofApp
Here is an app that spies at heart could use – SpoofApp. It allows you to use a fake Caller ID – a number that you are free to specify yourself, in order to protect your privacy or to pull a prank on someone. Sounds like fun, doesn’t it? Well, Apple didn’t think so, which is why it never allowed the app to enter its App Store. Google, however, didn’t mind, which is why SpoofApp was available on the Android Market for about two and a half years. However, it was banned from there last year as it allegedly was in conflict with The Truth in Caller ID Act of 2009.This can be useful in social engineering. 

->Download it from here


2. FaceNiff
Requirements: Android 2.1+ (rooted)

Overview: FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It’s kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!). Please note that if webuser uses SSL this application won’t work.
Legal notice: This application is for educational purposes only. Do not try to use it if it’s not legal in your country. I do not take any responsibility for anything you do using this application. Use at your own risk.


3. Penetrate Pro
Requirements: Android 2.1+ (rooted)
Overview: The most of the times you scan the Wi-Fi networks available around, they’re protected with key. Penetrate is an app that help you out with that. If the routers of that Wi-Fi networks are encrypted with WEP/WPA it will bring you the keys to access them. This seems a sort of cracking, but the developers says it isn’t, because it’s supposed to get the keys for penetration testing and you should use it only with permission from network owners. Well, apart from those regardings, it does what it says. Check the developer description to know which routers are supported.
Take in account that if you have an antivirus installed in your device, it will warn you about this app. The developer says it’s normal because it’s a security-related tool. Penetrate isn’t a danger for your phone.
This is the paid version (€1.99) that contains no ads, some more features and sponsors further development. What’s more, it allows you to use 3G to get the password instead of using dictionaries that you will have to download in the free version.
Penetrate works properly with the range of routers supported. We’re missing more though. Despite the apparent use for which it was developed this application, we all know the “regular” use. And if you’re looking for it, give it a chance. It’s a great app.

->Download it from here


4. Anti-Android Network Toolkit
Requirements: Android 2.1+ (rooted)
Anti-Android Network Toolkit is an app that uses WiFi scanning tools to scan networks. You can scan a network you have the phone connected to or you can scan any other nearby open networks. Security admins can use Anti to test network host vulnerabilities to DoS attacks and other threats.

->Download it from here



5. Andosid
AnDOSid is the application which is used for DOS attacks from Android mobile phones.

->Download it from here


6. Nmap For Android
Nmap is a network scanner tool which gives the entire information of the ip address and website. There is a version of nmap for Android users too, with the help of this app hackers can scan the ip's through mobiles.

->Download it from here


7. The Android Network Toolkit
The Android Network Toolkit is an complete tool kit for the pentesters , where hackers can find expolots using the mobile and penetrate or attacks the ip's according to their vunerabilities.

->Download it from here
  

8. SSHDroid- Android Secure Shell
Secure shell or SSH is the best protocol that provides an extra layer of security while you are connecting with your remote machine.SSHDroid is a SSH server implementation for Android.
This application will let you to connect to your device from a PC and execute commands (like "terminal" and "adb shell").

->Download it from here


10. WiFi Analyzer
WiFi Analyzer is one of the most popular applications in the Android Marketplace, which is really a testament to how wildly useful this tool is for both the average user and the more technically inclined. In the most basic of terms, WiFi Analyzer is a tool to scan the area for WiFi networks and determine which channel is the least populated so you can adjust your own hardware to a less congested part of the spectrum.

->Download it from here 




11. ConnectBot
ConnectBot is an exceptionally well done SSH/Telnet client, which also acts as a terminal emulator for the local Linux sub-system. While there are better terminal emulators (though not for free), there is no question that ConnectBot is the absolute best SSH client available for Android. 

->Download it from here 


12. Network Discovery
Network Discovery is a handy tool for finding and enumerating devices on public WiFi networks. Network Discovery uses a simple ping scan to find hosts on the network, and then allows the user to select one of the found hosts to target for a TCP connect() scan. 

->Download it from here
  

Extra Bonus : dSploit
dSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device. Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing ( with common protocols dissection ), real time traffic manipulation, etc.

Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do.