Donate to us via Paypal!
Don't judge the unknown - Grindordie
Friday, July 03, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 81
Guests Online: 68
Members Online: 13

Registered Members: 127011
Newest Member: vikky_1936
Latest Articles

View Thread

HellBound Hackers | Computer General | OS specific

Author

Android pen-testing apps.

T0pspin
Member



Posts: 18
Location:
Joined: 01.05.17
Rank:
Moderate
Posted on 15-01-20 02:16
Hello HBH.
 
I have a brand new Samsung phone that I want to install lots of awesome hacking apps onto, but the trouble is most of the ones I've already tried are either rubbish, or have endless adverts every time you click anything, and I'm too afraid to install anything that hasn't come from the official Play Store as I don't want to infect my phone with some virus or a malware.

So what apps do you guys use and consider to be so essential, that you couldn't do without them, and would instantly reinstall them if you got a new phone or your old one was broken.

Any suggestions are welcomed.   Thanks.
Author

RE: Android pen-testing apps.

Futility
Member

Your avatar

Posts: 760
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 15-01-20 03:42
T0pspin wrote:
Hello HBH.
 
I have a brand new Samsung phone that I want to install lots of awesome hacking apps onto, but the trouble is most of the ones I've already tried are either rubbish, or have endless adverts every time you click anything, and I'm too afraid to install anything that hasn't come from the official Play Store as I don't want to infect my phone with some virus or a malware.

So what apps do you guys use and consider to be so essential, that you couldn't do without them, and would instantly reinstall them if you got a new phone or your old one was broken.

Any suggestions are welcomed.   Thanks.

Sort of tangential - sorry in advance - but why are you trying to install "hacking tools" on your phone in the first place? The idea of a mobile "Kali in your pocket" might seem cool, you've got to remember that having a keyboard and screen larger than 6 inches or whatever is actually pretty necessary for getting anything done.

That being said, I do enjoy having an SSH client on my device so if I ever have to restart some service on the fly I totally can.

If anyone has a different opinion, I'd love to hear it too!
Futility91@hotmail.com Futility91
Author

RE: Android pen-testing apps.

T0pspin
Member



Posts: 18
Location:
Joined: 01.05.17
Rank:
Moderate
Posted on 16-01-20 01:13
For me the phone screen size is just fine, as all the apps I have now you just press buttons like on any other app, so they're all easy to work with.

Kayra the Pentester Lite
HTTP Shortcuts
GetHTTPHeaders
Nipper Toolkit

Is what I have installed right now.
Author

RE: Android pen-testing apps.

Huitzilopochtli
Member



Posts: 1639
Location:
Joined: 19.02.13
Rank:
God
Posted on 18-01-20 08:28
The apps I mainly use are these:

ExpressVPN:  No logs VPN provider.

G-Mon:  a wardriving scanner that finds all WiFi networks in range and saves the results into a .klm file with GPS coordinates, that can be loaded into Google Earth.

Fing: a network scanner to find connected devices and open ports on those Wi-Fi networks.

Routerpwn:  a whole fuckload of exploits, advisories, and key generators for use with those SSID's and MAC addresses.

AndFTP,  AndSMB and JuiceSSH as they connect automatically if you tap the port number after scanning with Fing.

Hash Suite Droid:  has a great set of rules for manipulating wordlists etc, version 1.2 cracks md5's at the rate of 35.6 Million a second on a Galaxy s6, compared to the newest versions lowly 16.5M.

Shodan: search engine for finding internet-connected devices.

Termux:  a terminal emulator and Linux environment that lets you install things like PHP, Perl, Ruby, Python along with all the modules and packages you'd normally only have access to from a desktop computer.

QPython: for editing/working with python as its like IDLE on the desktop.

Greenify: to kill running processes.

Service Disabler: to stop them for good.

Those will all work an unrooted Android, but if you root your phone it will allow you to do so much more.


.

Edited by Huitzilopochtli on 19-01-20 04:08
Author

RE: Android pen-testing apps.

T0pspin
Member



Posts: 18
Location:
Joined: 01.05.17
Rank:
Moderate
Posted on 18-01-20 15:00
Oh wow, I had really only thought about website based hacking before now, but I'm definately going to try out a few of those apps as they've already peaked my interest. Thanx dude. Grin
Author

RE: Android pen-testing apps.

Huitzilopochtli
Member



Posts: 1639
Location:
Joined: 19.02.13
Rank:
God
Posted on 19-01-20 07:20
Futility wrote:  You've got to remember that having a keyboard and screen larger than 6 inches or whatever is actually pretty necessary for getting anything done.

The screen size doesn't matter as you get used to it pretty quickly.

But seriously man, if you're able to install and run a whole shitload of awesome tools right from your phone, why the fuck wouldn't you ?

I've never installed a mobile version of Kali but I do use some of its various tools like metaspliot, nmap nikto, ssl-strip, packet sniffers etc, and they all work and display perfectly on an s6 screen. As does QPython, so completing HBH's timed challenges, and cracking captchas with OCR and the like,  is just as easy on a mobile phone as it is on a normal computer.

I suppose if you couldn't adapt to the smaller keyboard you could always connect a bluetooth one, and bask in the public shame that accompanies it lol.


.

Edited by Huitzilopochtli on 19-01-20 07:22
Author

RE: Android pen-testing apps.

Futility
Member

Your avatar

Posts: 760
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 22-01-20 16:29
Huitzilopochtli wrote:
The screen size doesn't matter as you get used to it pretty quickly.

But seriously man, if you're able to install and run a whole shitload of awesome tools right from your phone, why the fuck wouldn't you ?

I've never installed a mobile version of Kali but I do use some of its various tools like metaspliot, nmap nikto, ssl-strip, packet sniffers etc, and they all work and display perfectly on an s6 screen. As does QPython, so completing HBH's timed challenges, and cracking captchas with OCR and the like,  is just as easy on a mobile phone as it is on a normal computer.

Ah yes, that's totally fair- I was thinking of projects that would be considerably more difficult. Binary reversing/exploitation/building the types of tools that exist in Metasploit modules or crafting particularly elaborate bypasses for pen-testing scenarios are cases where I don't think I can agree with the "as easy on a phone as it is on a normal computer". But for fun little recon-type examples I could see any of those tools you mentioned in your other post to be nice to have.


I suppose if you couldn't adapt to the smaller keyboard you could always connect a bluetooth one, and bask in the public shame that accompanies it lol.

Gross.
Futility91@hotmail.com Futility91
Author

RE: Android pen-testing apps.

Huitzilopochtli
Member



Posts: 1639
Location:
Joined: 19.02.13
Rank:
God
Posted on 23-01-20 16:43
These are both extremely handy for working with binaries:

http://docs.pwntools.com/en/stable/
https://github.com/david942j/one_gadget/


.
Author

RE: Android pen-testing apps.

T0pspin
Member



Posts: 18
Location:
Joined: 01.05.17
Rank:
Moderate
Posted on 03-02-20 23:18
I use python on my computer at home and that pwntools module is amazing. I've been using it with apps from a Korean site and it's really helpful.  The debug function that lets you see the data contained in HTTP requests and responses when running a script is really brilliant.
I like this a lot. Thanks dude.