Android Privacy Guard v1.0.8 - OpenPGP for Android

There's no public key encryption for Android yet, but that's an important feature for many of us. Android Privacy Guard is to manage OpenPGP keys on your phone, use them to encrypt, sign, decrypt emails and files.

Change log v1.0.8

• HKP key server support
• app2sd support
• more pass phrase cache options: 1, 2, 4, 8 hours
• bugfixes

Download Android Privacy Gaurd

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

dSploit v1.0.23b -- Android network penetration suite

Have you ever wanted to dabble in network security testing? dSploit is an Android based network analysis & penetration suite. It is a comprehensive toolchain which can be used by anyone in order to perform a number of advanced network analysis and Pentests. dSploit contains a number of powerful functions for IT security experts/geeks, but is easy enough for just about any one to perform exploits.

dSploit allows you to analyze, capture, and manipulate network packets. You can scan networks for connected devices like other smartphones, laptops, & identify the operating system, running services and open ports on each device. Once open ports are known, you can go further by checking open ports for vulnerabilities. These features together make dSploit the most complete and advanced professional toolkit to perform network security assesments on any mobile device, ever.

Other than analysis, dSploit even allows man in the middle attacks for a number of network protocols i.e. you can monitor and inject packets into the network and spoof your identity. In simpler words, it allows you to intercept wireless network traffic and mess it with in the way you want. You can poison the DNS, for example, so that your family members go to Google+ everytime they try open facebook, or replace all the images with a custom PWNed/funny image. The ideas are what limit you, possibilities of fun are endless.

Available Modules in dSploit :

• RouterPWN
• Launch the http://routerpwn.com/ service to pwn your router.
• Port Scanner
• A syn port scanner to find quickly open ports on a single target.
• Inspector
• Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
• Vulnerability Finder
• Search for known vulnerabilities for target running services upon National Vulnerability Database.
• Login Cracker
• A very fast network logon cracker which supports many different services.
• Packet Forger
• Craft and send a custom TCP or UDP packet to the target.
• MITM
• A set of man-in-the-middle tools to command&conquer the whole network .

The app is currently in beta, so there may be bugs present. However, a large number of users are reporting good feedback in the thread. You need to be running at least Android 2.3 Gingerbread, and the device must be rooted.

Download dSploit

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

WiFiKill v1.7 - Eject any WiFi device from network

If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. This is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can get rid of network hoggers. It gives option to redirect HTTP traffic to specific IP, this feature can be used even to do phishing smartly.

Changelog:
- fixed the counter bug (I hope for the last time)
- added an option to redirect HTTP traffic to specific IP (caution! this may lead to significant CPU load)
- now successful kills are tagged by green icon on the left of IP (this is not 100% correct)

Download this application from LINK 1 or LINK 2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Mercury v1.1 - The Android Vulnerability Assessment framework

Mercury is a free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. It allows you to use dynamic analysis on Android applications and devices for quicker security assessments and share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices.

The new version is compatible with new Android releases including Ice Cream Sandwich and Jelly Bean, meaning you can now run Mercury on the latest and greatest hardware. This enables you to be the first to find and report previously undisclosed bugs on that newly released phone!

Mercury allows you to:

1. Interact with the 4 IPC endpoints – activities, broadcast receivers, content providers and services
2. Use a proper shell that allows you to play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see)
3. Find information on installed packages with optional search filters to allow for better control
4. Built-in commands that can check application attack vectors on installed applications
5. Tools to upload and download files between the Android device and computer without using ADB (this means it can be done over the internet as well!)
6. Create new modules to exploit your latest finding on Android, and playing with those that others have found.

For those of you interested in vulnerabilities in vendor products, the new version is the start of a collection of these in a framework. The first privilege escalation was included, allowing the escalation to root from Mercury’s unprivileged context. A module was created to check for vulnerabilities in content providers discovered on Samsung devices.

The newly introduced Reflection Interface, allows one from the Python client to instruct the Android code what objects to create and what to do with them, allowing you to add new features on the fly, without recompiling the Mercury APK. This allows true flexibility and a powerful framework for adding features that did not exist at runtime.

Download Mercury v1.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Hideman - Free VPN service with mutliple server locations

Virtual Private Network services are handy when you want to surf internet privately. VPN helps us to protect our surfing habits cached by website. Your internet service provider also not able to know what you are doing on internet. VPN helps you to surf anonymously.

Connections to VPNs are encrypted which means that your data is safe from snooping users in the same network. This means you do not have to fear that someone in a hotel, Internet cafe or airport can steal personal information and data from you.

Hideman provides its customers with VPN and Wi-Fi protection services. VPN is short for “Virtual Private Network,” which basically allows for an encrypted pathway between servers and hardware. As a result, all computers and web presences using a VPN are completely anonymous, ensuring unsurpassed privacy. Hideman offers this service through their special software which can be downloaded for free. In order to utilize the service, the user runs the software and manually establishes a unique IP address and country of origin.

Hideman’s software is completely free to download. On top of that, its users will also be able to use it for four hours a week, providing a nearly “unlimited” free trial.

Download For Windows

Download for Android

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Androguard v1.5 : Reverse engineering & Malware analysis of Android applications

Androguard (Android Guard) is mainly a tool written in python to play with :

• Dex (Dalvik virtual machine) (.dex), and ODex
• APK (Android application) (.apk),
• Android's binary xml (.xml).

Androguard is available for Linux/MacOSX/Windows (python powered).

Change V1.5 :

- Session (save/load)

- Annotation

- Documentation

- Support of ARM

- Support of dex writing

- Disassembler/Decompiler(DAD)

Androguard has the following features :

• Map and manipulate (disassemble/decompile/modify) DEX/ODEX/APK files into full Python objects,
• Access to the static analysis of your code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,
• Check if an android application is present in a database (malwares, goodwares ?),
• Open source database of android malware (this opensource database is done on my free time, of course my free time is limited, so if you want to help, you are welcome !),
• Diffing of android applications,
• Measure the efficiency of obfuscators (proguard, ...),
• Determine if your application has been pirated (plagiarism/similarities/rip-off indicator),
• Detection of ad/open source librairies (WIP),
• Risk indicator of malicious application,
• Reverse engineering of applications (goodwares, malwares),
• Transform Android's binary xml (like AndroidManifest.xml) into classic xml,
• Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output,
• Integration with external decompilers (JAD/DED/...)
• Dump the jvm process to find classes into memory.

You can find complete Tutorial here about usage.

Download Androguard v1.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Smartphone Pentest Framework v0.1.1 Released

The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices.

Pentest Framework will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization.

Pentest Framework will also show how to use the framework through a command line console, a graphical user interface, and a smartphone based app.

SPF Console: The console is a text based Perl program that allows Smartphone Pentest Framework users to perform all the server functionality of SPF.

• SPF Web based GUI: The GUI is a web based front end for SPF that allows users to perform all the server functionality. It is a set of Perl based webpages.
• SPF Android App: The SPF Android App allows users to use the mobile modem of the Android smartphone with SPF to send SMS messages, gather information, etc. Users can also perform server functionality directly from Android smartphones using this application.
• SPF Android Agent: The SPF Android Agent is one of Smartphone Pentest Framework’s post exploitation options. It is transparent to the user and allows SPF users to perform post exploitation tasks such as privilege escalation, information gathering, and remote control on Android phones with the agent installed. Agents for iPhone and Blackberry platforms are currently in development.

Download : Smartphone Pentest Framework v0.1.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

ASEF : Android Security Evaluation Framework

A researcher at Qualys has released a new tool designed to allow users even non-technical ones to evaluate the security and behaviors of the apps installed on their Android devices, Known as the Android Security Evaluation Framework.

Android Security Evaluation Framework - A S E F is designed and developed to simulate the entire lifecycle of an Android application in an automated virtual environment to collect behavioral data and perform security evaluations automatically over ‘n’ number of apps.

Android Security Evaluation Framework (ASEF) performs this analysis while alerting you about other possible issues. It will make you aware of unusual activities of your apps, will expose vulnerable components and help narrow down suspicious apps for further manual research.

ASEF is an Open Source tool for scanning Android Devices for security evaluation. Users will gain access to security aspects of android apps by using this tool with its default settings. An advanced user can fine-tune this, expand upon this idea by easily integrating more test scenarios, or even find patterns out of the data it already collects. ASEF will provide automated application testing and facilitate a plug and play kind of environment to keep up with the dynamic field of Android Security.

Download Android Security Evaluation Framework

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Andrubis - Analyze Unknown Android Applications

Andrubis is designed to analyze unknown apps for the Android platform (APKs). It has been brought to us by the guys at Iseclabs, who already have an awesome Windows executable scanner Anubis. Infact, it can be considered as an extension for Anubis.

Andrubis gives us an insight into various behavioral aspects and properties of a submitted app by employing both static and dynamic analysis approaches. During the dynamic analysis part an app is installed and run in an emulator – the Dalvik VM. In addition to the normal tracking of open, read and write events, network traffic operations and detection of dynamically registered broadcast receivers , taint analysis is also carried out to report on leakage of important data such as the IMEI. Not only that, cellphone specific events, such as phone calls and short messages sent are also captured by the Andrubis service.

Information is also obtained statically, without actually executing the Android application. Information related to the intent-filters declared by these components is also included.

In short, like the core-Anubis does for Windows PE executable’s, Andrubis executes Android apps in a sandbox and provides a detailed report on their behavior, including file access, network access, cryptographic operations, dynamic code loading and information leaks. An Andrubis static analysis yields information on e.g. the app’s activities, services, required external libraries and actually required permissions.

In order not to reinvent the wheel, Andrubis leverages several existing open source projects in addition to the Android SDK, such as:

1. DroidBox
2. TaintDroid
3. apktool
4. Androguard

To see how effective it is, an example report of the DroidKongFu.A Android malware, scanned via the Andrubis can be found here.

Get Andrubis here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

DroidSheep - Android tool for web session hijacking

DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the session id from these packets in order to reuse them.

DroidSheep can capture sessions using the libpcap library and supports: OPEN Networks WEP encrypted networks WPA and WPA2 encrypted networks (PSK only)

How does that work this simple?

There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.

Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents.Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.

Video demonstration

Download Droidsheep

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Android Network Spoofer - Pwn WiFi Networks

Developed by Digitalsquid, Network Spoofer is a powerful networking app for Android devices that lets you spoof people on your network. It comes with over a dozen “hacks” such as redirecting all websites to your chosen URL, redirect all YouTube videos to the famous Never Gonna Give You Up music video, blur all images on websites, flip images, change all images on a website to a troll face etc.

Network Spoofer lets you change websites on other people’s computers from an Android phone. After downloading simply log onto a Wifi network, choose a spoof to use and press start.Please note that there is no intention for Network Spoofer to include any malicious features. This application is a fun demonstration of how vulnerable home networks are to simple attacks, with permission of the network owner - DO NOT attempt to use Network Spoofer on any corporate or other non-residential networks (eg. at school, university). It becomes very obvious when Network Spoofer is being used on a Network, and use of Network Spoofer will be considered malicious hacking by network administrators.

Download Network Spoofer or Android Market

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email