Mobile Apps

With the ever increasing Smart Phone market – everything is always connected, at all times. Here are a list of some hacking / pentest tools available for iPhone and/or Android – - Please comment with suggestions if I have missed any or you would like a hacking app listed

——————————————————————————–

Whisper Systems

There are a variety of sckiddie ‘hacking’ apps coming out for phones, but they are jeuvinile. In addition, the ‘Mobile Anti Virus’ products coming out are almost useless. With some android devices you can attempt to install entire Linux distros, such as BackTrack and run metasploit and kismet etc.

But for this. Whisper Systems created by Moxie Marlinspike (and recently acquired by Twitter) has the nicest range of security (defense) products for Android devices on the market. Definately worth checking out.

ANTI (Android Network Toolkit)

Pretty extensive suite of penetration testing tools all in a pretty GUI. You have to pay for the better features, but it is a very well rounded application for mobile hacking/testing.

DroidSheep

Ported version of the popular FireSheep plugin which is works over Wifi and attempts to hijack current logged in website sessions. You need to root your Android for to install this.

FaceNiff

Essentially DroidSheep, FaceNiff is streamlined for hijacking Facebook accounts over Wifi.

Tor

Finally Tor has come to Android. Tor is an awesome anonymity tool which bounces you through numerous proxies before reaching your target.

Fing (Apple)

For Apple IOS. Fing is a clean network scanner. Quick, light, and easy to use

Vtrace (Apple)

VTrace is a visual traceroute app. Everything is better with a slick GUI.

PayCardReader

Using NFC on Android, PCR can swipe credit card information from contactless cards such as PayPass MasterCard, Visa payWave and Barclays PayTag. Very fun to play with :)

It’s Me! Android Vault

Vault apps (similar to TrueCrypt containers) can securely protect your private information (including Credit Card details and passwords) that is stored on your Android phone.

It’s Me! Android vault application not only uses a pattern grid for authentication, it also adds an extra layer of security by allowing the user to add their own operators to the password pattern of their choice.

inSSIDer (Android)

Finally, one of my favorite wifi scanning tools has come to Android. inSSIDer is a feature rich application for scanning, monitoring and mapping wireless networks. It doesn’t have any cracking capabilities, but is good for a recon tool (for example, you can easily find out who around you is broadcasting that SSID)

Burner

For both iPhone and Android, burner is an awesome app which allows you to mask your mobile phone number when making calls or txts. Can come in handy during those social engineering expeditions.

WiFinspect

Very neat and tidy little wireless hacking app for Android. It requires Root to run the wifi sniffer and other fun tools, but without root, you can still scan and detect networks.  Very clean and fast.

Leave a Reply