"translate" android auditing and hacking tools

Last Update:2016-01-28 Source: Internet

Author: User

Tags domain name lookup

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Original: best Android Tools for Security Audit and Hacking (unhappy , find something to do <<<)Android Systems account for 80% of mobile market share and malware, which is a problem. Hacker will be malicious on the phone, not just send a charge sms. In this article, we will introduce penetration testing and attacks on a wide variety of apps (including network testing, cyber attacks, sniffing, etc.).Hackode: Using TutorialsHackode is an app. It is a tool box for hackers to provide a variety of functions for penetration testers, white hats, It administrators, and computer security practitioners, such as reconnaissance and scanning vulnerabilities. Hackode contains a number of tools:Survey (reconnaissance) Google hacker (google Hacking) Google dorks Domain name Lookup service (Whois)Scan (scanning) Ping Route tracking (Traceroute) DNS Lookup　　IP MX Records DNS Dig Exploits Secure Newsletter Subscription (security Rss feed): Click here　　Androrat:The Remote management tool on android, the name Androrat is the Android and rat (remote Access tool) collectively. Android is the C/S architecture application, Android is the client, java/swing is the Server. It contains the following features:Get contact information Get call history get all information get to location (locations by Gps/network)Monitor incoming information monitor phone status control camera photo control microphone　Play Video Popup toast info box send SMS CallIn the default browser open page control phone vibrator: Click hereApkinspector:This project is designed to help analyze and reverse workers visualize compiled APK and Dex code . Apkinspector provides analysis and image features of all functions to help users understand malicious apps in Depth.CFG control flow Graph calling graph (call graph) Insert pile (Static instrumentation) Permission Analysis (Permission analyst)Dalvik Codes Smali Codes Java codes APK information: Click hereDroidbox:Droidbox can dynamically analyze the Android appand can generate the following after Analysis:App Hash (hashes for the analyzed Package)Network data sent and received (incoming/outgoing)File read and write operations (operations)Open Services and load classes via Dexclassloader (Started services and loaded classes through Dexclassloader)Information disclosure via networks, files, and short messages (information leaks via the network, file and SMS)Evasion Privileges (circumvented Permissions)Using Android API encryption (cryptography operations performed using Android Api)List broadcast receivers (cryptography operations performed using Android API)Send short interest and call (Sent SMS and phone Calls); point hereZanti:Zanti is a comprehensive network diagnostic Toolkit that completes complex audits and penetration testing with one click. It provides cloud diagnostics that ensure network security by simply installing a simple operating Guide. Contains the following infiltration operations:Network Map Discovery Ports (port Discovery) Tamper Packet (Packet Manipulation) sniffer (Sniffer)MITM (man in the Middle Filters) dos (Pentest dos vulnerabilities) password audit (Password complexity Audit)Inspection vulnerability (penetrate CSE to check server/desktop Vulnerabilty); point hereDroid Sheep: Using TutorialsDroidsheep is a simple Android tool capable of session hijacking . It uses the wireless network to listen for HTTP packets and extract the session from Them. Droidsheep uses the Libpcap library to capture sessions and supports the following networks: OPEN Networks WEP encrypted Networks WPA and WPA2 encrypted Networks (PSK only). Droidsheep is developed to test for vulnerabilities in the network, rather than for malicious attacks.: Click hereDsploit:Dsploit provides an advanced and sophisticated toolkit for IT security professionals and geeks to assess network security on the device, providing an Android network analysis and Penetration kit.Function:Wi-fi cracked (WiFi Cracking) routerpwn trace (trace) port scan (port Scanner)Inspector (Inspector) Vulnerability Detector (vulnerability finder) login hack (login cracker) packet camouflage (Packet forger)Middleman (man in the Middle) sniffer (simple sniff) password sniffing (Password sniff) session hijacking (session Hijacker)Disconnect (Kill Connections) redirect (Redirect) replace picture (replace images) replace video (replace videos)Script Injector (scripts Injector) Customized Filters (custom filter)　　: Click here　　　　Appuse–android Pentest Platform Unified Standalone environment:The Appuse virtual machine is a free system developed by the Appuse lab and offers many customized tools for app security testing in the Android Environment. 　　There's also a reference to the article on Free."translate" android auditing and hacking tools

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More