In this article, we will list the Top 30 Android Hacking Tools to help with networking & pentesting tasks.
30 Best Free Hacking Apps & Tools For Android
NMap for Android (NetworkMapper)
Network Mapper is an unofficial Android frontend for well known Nmap scanner. The frontend will help you to download and install Nmap as well as use it.
Nmap will help you to discover hosts, protocols, open ports, services and its configuration and vulnerabilities on networks.
Image Credits: Faceniff
FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. (Root is required)
AndroidRAT is an Android Remote Administration Tool for Android devices.
AnDOSid is an android tool developed by Scott Herbert that you can use to launch DoS attacks from your mobile phone.
SSHDroid – Android Secure Shell
SSHDroid application will let you connect to your device from a PC and execute commands (like “terminal” and “adb shell”) or edit files (through SFTP, WinSCP, Cyberduck, etc.
Hackode : The hacker’s Toolbox is an application for penetration tester, Ethical hackers, IT administrator, and Cybersecurity professionals to perform different tasks like reconnaissance, scanning performing exploits etc.
WhatsApp Sniffer Android app allows Android users to receive the text messages from WhatsApp application from phones that uses the same WiFi
Using Evil Operator you can connect two friends into a phone conversation making them think they called each other!. Then you can record the call and share the recording with friends via social media and cloud services. Limitations: Only allows one free call a day! Evil Operator allows you to share tokens can with the PrankDial app.
Download Evil Operator
APKinspector is a powerful GUI tool for analysts to analyze Android applications.
Download APK inspector
Kill Wi-Fi app will make other devices in the same network think that your device is a router. So they will try to connect to the internet through you. WifiKill then drops the connections of these other devices.
DroidSheep is an android Mitm tool developed by Andreas Koch for security analysis in wireless networks. It is a session hijacking tool that allows hackers to capture session cookies over the wireless network.
dSploit is a penetration testing suite developed for the Android operating.as of 2014 DSploit was merged with zANTI.
zANTI™ is a mobile penetration testing toolkit that lets security managers assess the risk level of a network with the push of a button. This easy to use mobile toolkit enables IT Security Administrators to simulate an advanced attacker to identify the malicious techniques they use in the wild to compromise the corporate network.
Shark for root
Shark For Root is an android version of Wireshark it was designed for security experts and hackers. It is basically is a traffic sniffer that works on WiFi, 3G and tethered mode. The app is based on tcpdump and will work with tcpdump command-line options. Enjoy this excellent Android application.
ZipSigner app allows you to sign update.zip files, APK, or JAR files using your own private keys or one of the four built-in certificates (media, platform, shared, testkey) All from your Android device. All output is automatically zip-aligned ZipSigner can work with existing keystores, or you can create keystores, keys, and self-signed certificates.
Don’t worry about finding a Wi-Fi internet connection free or paid public Wi-Fi hotspots online or offline Wi-Fi Finder gives a detailed map of various Wi-Fi hotspots around you can come in really useful when hunting for Open Wireless Networks.
SSLStrip for Android
SSLStrip for Android is a port from the popular SSLStrip a Python tool created by Moxie Marlinspike. SSLStrip transparently hijacks HTTP traffic on a network essentially SSLStrip allows HTTPS traffic to be forced to use HTTP SSL stripping attacks can come in really handy when performing MITM attacks.
The goal of the USB Cleaver is to silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information, etc… beauty lies in the fact that the payload can run silently and without modifying the system or sending network traffic, making it near invisible. It captures all the information to a LOG file stored in your sd card and can be reviewed at any time.
DroidSQLi is an android app that allows you to launch SQL injection attacks on a target URL. Best of all its all automated on any Android device.
WiFi You is a powerful app collecting millions of wifi passwords shared by end-users worldwide and storing & distributing them from a cloud server users can then access Wi-Fi passwords via the apps and share passwords amongst friends.
Wi-Fi WPS WPA Tester
Test for WPS WPA/WPA2 vulnerable routers and test them to various Wi-Fi exploits from your Android Device (Device requires Root).
CSploit is one of the most complete and advanced IT security professional toolkit on Android.
Computer/device discovery and port scanner for local area network automated from your Android device.
Wiggle – Wi-Fi Wardriving
Wiggle is an open-source wardriving app to netstumble, display and map found wireless networks and cell towers anywhere in the world, easily uploading to the http://wigle.net database. WiGLE was started in 2001 and now has over 250 million wifi networks worldwide.
Arpspoof for Android
Android port of popular Arpspoof MITM Tool.
This Android app can protect you from MITM “Man in the Middle” attacks such as DroidSheep, Faceniff, etc. The app can alert you on unusual activity and give you options on what to do.
DroidBox was developed to offer a dynamic analysis of Android applications.
Fing Network Scanner
Fing Network Scanner Discovers what devices are connected to any Wi-Fi network, map devices, detect intruders, assess network security risks.
Kali Linux Nethunter
Kali NetHunter is an Android ROM overlay that includes a robust Mobile Penetration Testing Platform. The overlay includes a custom kernel, a Kali Linux chroot, and an accompanying Android application, which allows for easier interaction with various security tools and attacks. – Wikipedia
IMSI Catcher Sniffer
AIMSICD is an Android app to detect IMSI-Catchers. These IMSI catching devices are false mobile towers acting between the target mobile phone(s) and the real towers of service providers.
If you enjoyed this article please consider sharing it on social media and with your friend’s thanks for supporting HackingVision.