Android Privacy Guard v1.0.8 - OpenPGP for Android

There's no public key encryption for Android yet, but that's an important feature for many of us. Android Privacy Guard is to manage OpenPGP keys on your phone, use them to encrypt, sign, decrypt emails and files.

Change log v1.0.8

• HKP key server support
• app2sd support
• more pass phrase cache options: 1, 2, 4, 8 hours
• bugfixes

Download Android Privacy Gaurd

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

dSploit v1.0.23b -- Android network penetration suite

Have you ever wanted to dabble in network security testing? dSploit is an Android based network analysis & penetration suite. It is a comprehensive toolchain which can be used by anyone in order to perform a number of advanced network analysis and Pentests. dSploit contains a number of powerful functions for IT security experts/geeks, but is easy enough for just about any one to perform exploits.

dSploit allows you to analyze, capture, and manipulate network packets. You can scan networks for connected devices like other smartphones, laptops, & identify the operating system, running services and open ports on each device. Once open ports are known, you can go further by checking open ports for vulnerabilities. These features together make dSploit the most complete and advanced professional toolkit to perform network security assesments on any mobile device, ever.

Other than analysis, dSploit even allows man in the middle attacks for a number of network protocols i.e. you can monitor and inject packets into the network and spoof your identity. In simpler words, it allows you to intercept wireless network traffic and mess it with in the way you want. You can poison the DNS, for example, so that your family members go to Google+ everytime they try open facebook, or replace all the images with a custom PWNed/funny image. The ideas are what limit you, possibilities of fun are endless.

Available Modules in dSploit :

• RouterPWN
• Launch the http://routerpwn.com/ service to pwn your router.
• Port Scanner
• A syn port scanner to find quickly open ports on a single target.
• Inspector
• Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
• Vulnerability Finder
• Search for known vulnerabilities for target running services upon National Vulnerability Database.
• Login Cracker
• A very fast network logon cracker which supports many different services.
• Packet Forger
• Craft and send a custom TCP or UDP packet to the target.
• MITM
• A set of man-in-the-middle tools to command&conquer the whole network .

The app is currently in beta, so there may be bugs present. However, a large number of users are reporting good feedback in the thread. You need to be running at least Android 2.3 Gingerbread, and the device must be rooted.

Download dSploit

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

WiFiKill v1.7 - Eject any WiFi device from network

If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. This is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can get rid of network hoggers. It gives option to redirect HTTP traffic to specific IP, this feature can be used even to do phishing smartly.

Changelog:
- fixed the counter bug (I hope for the last time)
- added an option to redirect HTTP traffic to specific IP (caution! this may lead to significant CPU load)
- now successful kills are tagged by green icon on the left of IP (this is not 100% correct)

Download this application from LINK 1 or LINK 2

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Mercury v1.1 - The Android Vulnerability Assessment framework

Mercury is a free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. It allows you to use dynamic analysis on Android applications and devices for quicker security assessments and share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices.

The new version is compatible with new Android releases including Ice Cream Sandwich and Jelly Bean, meaning you can now run Mercury on the latest and greatest hardware. This enables you to be the first to find and report previously undisclosed bugs on that newly released phone!

Mercury allows you to:

1. Interact with the 4 IPC endpoints – activities, broadcast receivers, content providers and services
2. Use a proper shell that allows you to play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see)
3. Find information on installed packages with optional search filters to allow for better control
4. Built-in commands that can check application attack vectors on installed applications
5. Tools to upload and download files between the Android device and computer without using ADB (this means it can be done over the internet as well!)
6. Create new modules to exploit your latest finding on Android, and playing with those that others have found.

For those of you interested in vulnerabilities in vendor products, the new version is the start of a collection of these in a framework. The first privilege escalation was included, allowing the escalation to root from Mercury’s unprivileged context. A module was created to check for vulnerabilities in content providers discovered on Samsung devices.

The newly introduced Reflection Interface, allows one from the Python client to instruct the Android code what objects to create and what to do with them, allowing you to add new features on the fly, without recompiling the Mercury APK. This allows true flexibility and a powerful framework for adding features that did not exist at runtime.

Download Mercury v1.1

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Androguard v1.5 : Reverse engineering & Malware analysis of Android applications

Androguard (Android Guard) is mainly a tool written in python to play with :

• Dex (Dalvik virtual machine) (.dex), and ODex
• APK (Android application) (.apk),
• Android's binary xml (.xml).

Androguard is available for Linux/MacOSX/Windows (python powered).

Change V1.5 :

- Session (save/load)

- Annotation

- Documentation

- Support of ARM

- Support of dex writing

- Disassembler/Decompiler(DAD)

Androguard has the following features :

• Map and manipulate (disassemble/decompile/modify) DEX/ODEX/APK files into full Python objects,
• Access to the static analysis of your code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,
• Check if an android application is present in a database (malwares, goodwares ?),
• Open source database of android malware (this opensource database is done on my free time, of course my free time is limited, so if you want to help, you are welcome !),
• Diffing of android applications,
• Measure the efficiency of obfuscators (proguard, ...),
• Determine if your application has been pirated (plagiarism/similarities/rip-off indicator),
• Detection of ad/open source librairies (WIP),
• Risk indicator of malicious application,
• Reverse engineering of applications (goodwares, malwares),
• Transform Android's binary xml (like AndroidManifest.xml) into classic xml,
• Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output,
• Integration with external decompilers (JAD/DED/...)
• Dump the jvm process to find classes into memory.

You can find complete Tutorial here about usage.

Download Androguard v1.5

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Sendrawpdu : iPhone SMS spoofing tool Released

A French hacker has released a tool capable of sending SMSes with spoofed sender details on the iPhone 4. The sendrawpdu command line interface tool allows users to customise the reply number on SMSes and could be ideal for phishing attacks.

Researcher revealed an SMS spoofing flaw that affects every version of Apple’s mobile OS. Using the flaw, hackers could spoof their identities via text and send messages asking for private information (by pretending to be from a users’ bank, for example), or direct users to phishing sites.

pod2g highlights several ways in which malicious parties could take advantage of this flaw, including phishing attempts linking users to sites collecting personal information or spoofing messages for the purposes of creating false evidence or gaining a recipient's trust to enable further nefarious action.

In many cases the malicious party would need to know the name and number of a trusted contact of the recipient in order for their efforts to be effective, but the phishing example shows how malicious parties could cast broad nets hoping to snare users by pretending to be a common bank or other institution.

French hacker has published on his blog that he developed iPhone SMS security app and called it Sendrawpdu. The tool is designed for iPhone 4, and can be downloaded free of charge from the service repository Github where you can find the app.

Download Sendrawpdu

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Andrubis - Analyze Unknown Android Applications

Andrubis is designed to analyze unknown apps for the Android platform (APKs). It has been brought to us by the guys at Iseclabs, who already have an awesome Windows executable scanner Anubis. Infact, it can be considered as an extension for Anubis.

Andrubis gives us an insight into various behavioral aspects and properties of a submitted app by employing both static and dynamic analysis approaches. During the dynamic analysis part an app is installed and run in an emulator – the Dalvik VM. In addition to the normal tracking of open, read and write events, network traffic operations and detection of dynamically registered broadcast receivers , taint analysis is also carried out to report on leakage of important data such as the IMEI. Not only that, cellphone specific events, such as phone calls and short messages sent are also captured by the Andrubis service.

Information is also obtained statically, without actually executing the Android application. Information related to the intent-filters declared by these components is also included.

In short, like the core-Anubis does for Windows PE executable’s, Andrubis executes Android apps in a sandbox and provides a detailed report on their behavior, including file access, network access, cryptographic operations, dynamic code loading and information leaks. An Andrubis static analysis yields information on e.g. the app’s activities, services, required external libraries and actually required permissions.

In order not to reinvent the wheel, Andrubis leverages several existing open source projects in addition to the Android SDK, such as:

1. DroidBox
2. TaintDroid
3. apktool
4. Androguard

To see how effective it is, an example report of the DroidKongFu.A Android malware, scanned via the Andrubis can be found here.

Get Andrubis here

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

DroidSheep - Android tool for web session hijacking

DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the session id from these packets in order to reuse them.

DroidSheep can capture sessions using the libpcap library and supports: OPEN Networks WEP encrypted networks WPA and WPA2 encrypted networks (PSK only)

How does that work this simple?

There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.

Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents.Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.

Video demonstration

Download Droidsheep

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

BoxCryptor - Encrypt your Android using the AES-256

BoxCryptor allows you to encrypt entire folders using the AES-256 standard. Any file stored in the virtual BoxCryptor drive is individually encrypted and stored in the destination folder. To add an additional security layer, BoxCryptor can also encrypt file names.

The folder containing encrypted files can then be uploaded to the cloud by providers such as Dropbox, Google Drive or Windows Sky Drive. BoxCryptor supports Windows, Mac OS X, iOS and Android and can be used by private users for free on all platforms.

Whow should use BoxCryptor

• You want to store highly sensitive files in the cloud
• Your contracts, your bank details or your dissertation
• Save your Top secret information
• Any one who is frequent traveller

Download BoxCrypter

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Ip phone Scanning Made Easy (ISME) v 0.4 Released

Ip phone Scanning Made Easy (ISME) scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN.

It seeks to get the phone's configuration file directly from a TFTP server, enable SIP/SIPS (TCP/UDP), communicate with an embedded Web server and Web server banner, identify the editor by MAC address, and identify potential default login/password combinations which should be changed. Get Documentation, Setup And Installation.

CHANGES V0.4 :

• Add Cisco phone attacks (ringer & forwarder – skinny)
• Add Lan & Servers attacks (DHCP Starvation & DNS Subnet resolver)

Download ISME v0.4

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email

Android Network Spoofer - Pwn WiFi Networks

Developed by Digitalsquid, Network Spoofer is a powerful networking app for Android devices that lets you spoof people on your network. It comes with over a dozen “hacks” such as redirecting all websites to your chosen URL, redirect all YouTube videos to the famous Never Gonna Give You Up music video, blur all images on websites, flip images, change all images on a website to a troll face etc.

Network Spoofer lets you change websites on other people’s computers from an Android phone. After downloading simply log onto a Wifi network, choose a spoof to use and press start.Please note that there is no intention for Network Spoofer to include any malicious features. This application is a fun demonstration of how vulnerable home networks are to simple attacks, with permission of the network owner - DO NOT attempt to use Network Spoofer on any corporate or other non-residential networks (eg. at school, university). It becomes very obvious when Network Spoofer is being used on a Network, and use of Network Spoofer will be considered malicious hacking by network administrators.

Download Network Spoofer or Android Market

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email