Androrat:
Remote Administration Tool for Android. The name Androrat is a mix of Android and RAT (Remote Access Tool).
Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.
All the available functionalities are
*. Get contacts (and all theirs informations)
*. Get call logs
*. Get all messages
*. Location by GPS/Network
*. Monitoring received messages in live
*. Monitoring phone state in live (call received, call sent, call missed..)
*. Take a picture from the camera
*. Stream sound from microphone (or other sources..)
*. Streaming video (for activity based client only)
*. Do a toast
*. Send a text message
*. Give call
*. Open an URL in the default browser
*. Do vibrate the phone
DroidBox:
DroidBox is developed to offer dynamic analysis of Android applications. The following information is shown in the results, generated when analysis is ended:
Hashes for the analyzed package
Incoming/outgoing network data
File read and write operations
Started services and loaded classes through DexClassLoader
Information leaks via the network, file and SMS
Circumvented permissions
Cryptography operations performed using Android API
Listing broadcast receivers
Sent SMS and phone calls
Droid Sheep:
DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the session id from these packets in order to reuse them.
DroidSheep can capture sessions using the libpcap library and supports: OPEN Networks WEP encrypted networks WPA and WPA2 encrypted networks (PSK only)
DroidSheep is not intended to steal identities or endamage anybody, but to show the weak security of non-ssl webservices
dSploit:
dSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assessments on a mobile device.
Features
*. WiFi Cracking
*. RouterPWN
*. Trace
*. Port Scanner
*. Inspector
*. Vulnerability finder
*. Login cracker
*. Packet forger
*. Man in the middle
*. Simple sniff
*. Password sniff
*. Session Hijacker
*. Kill connections
*. Redirect
*. Replace images
*. Replace videos
*. Script injector
*. Custom filter
Revenssis :
Nicknamed as the “Smartphone Version of Backtrack”, Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat… etc). All these fitting in an application approx. 10MB (post installation).
Features
All Web Vulnerability Scanners including:
*. SQL injection scanner
*. XSS scanner
*. DDOS scanner
*. CSRF scanner
*. SSL misconfiguration scanner
*. Remote and Local File Inclusion (RFI/LFI) scanners
*. Useful utilities such as:
*. WHOIS lookup, IP finder, Shell, SSH, Blacklist lookup tool, Ping tool,
*. Forensic tools (in imlementation) such as malware analyzers, hash crackers, network sniffer, ZIP/RAR password finder, social engineering toolset, reverse engineering tool
*. Vulnerability research lab (sources include: Shodan vulnerability search engine, ExploitSearch, Exploit DB, OSVDB and NVD NIST
*. Self scan and Defence tools for your Android phone against vulnerabilities
*. Connectivity Security Tools for Bluetooth, Wifi and Internet. (NFC, Wifi Direct and USB in implementation
No comments:
Post a Comment