1. SpoofApp:- SpoofApp is a Caller ID Spoofing,
Voice Changing and Call Recording mobile app for your iPhone, BlackBerry
and Android phone. It’s a decent mobile app to help protect your
privacy on the phone. However, it has been banned from the Play Store
for allegedly being in conflict with The Truth in Caller ID Act of 2009.
2. Andosid:- The DOS tool for Android Phones allows
security professionals to simulate a DOS attack (an http post flood
attack to be exact) and of course a dDOS on a web server, from mobile
phones.
3.Faceniff:- Allows you to sniff and intercept web
session profiles over the WiFi that your mobile is connected to. It is
possible to hijack sessions only when WiFi is not using EAP, but it
should work over any private networks.
4.Nmapper:- (Network Mapper) is a security scanner
originally written by Gordon Lyon used to discover hosts and services on
a computer network, thus creating a “map” of the network. To accomplish
its goal, Nmapper sends specially crafted packets to the target host
and then analyses the responses.
5. Anti-Android Network Toolkit:- zANTI is a
comprehensive network diagnostics toolkit that enables complex audits
and penetration tests at the push of a button. It provides cloud-based
reporting that walks you through simple guidelines to ensure network
safety.
6. SSHDroid:- SSHDroid is a SSH server
implementation for Android. This application will let you connect to
your device from a PC and execute commands (like “terminal” and “adb
shell”) or edit files (through SFTP, WinSCP, Cyberduck, etc).
7. WiFi Analyser:- Turns your android phone into a
Wi-Fi analyser. Shows the Wi-Fi channels around you. Helps you to find a
less crowded channel for your wireless router.
8. Network Discovery:- Discover hosts and scan their ports in your Wifi network. A great tool for testing your network security.
9. ConnectBot:- ConnectBot is a powerful open-source
Secure Shell (SSH) client. It can manage simultaneous SSH sessions,
create secure tunnels, and copy/paste between other applications. This
client allows you to connect to Secure Shell servers that typically run
on UNIX-based servers.
10. dSploit:-Android network analysis and
penetration suite offering the most complete and advanced professional
toolkit to perform network security assesments on a mobile device.
11. Hackode:- The hacker’s Toolbox is an application
for penetration tester, Ethical hackers, IT administrator and Cyber
security professional to perform different tasks like reconnaissance,
scanning performing exploits etc.
12.Androrat:- Remote Administration Tool for
Android. Androrat is a client/server application developed in Java
Android for the client side and in Java/Swing for the Server.
13.APKInspector:- APKinspector is a powerful GUI
tool for analysts to analyse the Android applications. The goal of this
project is to aide analysts and reverse engineers to visualize compiled
Android packages and their corresponding DEX code.
14.DroidBox:- DroidBox is developed to offer dynamic analysis of Android applications.
15.Burp Suite:- Burp Suite is an integrated platform
for performing security testing of web applications. Its various tools
work seamlessly together to support the entire testing process, from
initial mapping and analysis of an application’s attack surface, through
to finding and exploiting security vulnerabilities.
16. Droid Sheep:- DroidSheep can be easily used by
anybody who has an Android device and only the provider of the web
service can protect the users. So Anybody can test the security of his
account by himself and can decide whether to keep on using the web
service.
17. AppUse:– Android Pentest Platform Unified
Standalone Environment:- AppSec Labs recently developed the AppUse
Virtual Machine. This system is a unique, free, platform for mobile
application security testing in the android environment, and it includes
unique custom-made tools created by AppSec Labs.
18. Shark for Root:- Traffic sniffer, works on 3G
and WiFi (works on FroYo tethered mode too). To open dump use WireShark
or similar software, for preview dump on phone use Shark Reader. Based
on tcpdump.
19. Fing:- Find out which devices are connected to your Wi-Fi network, in just a few seconds.
Fast and accurate, Fing is a professional App for network analysis. A
simple and intuitive interface helps you evaluate security levels,
detect intruders and resolve network issues.
20.Drozer:- drozer enables you to search for
security vulnerabilities in apps and devices by assuming the role of an
app and interacting with the Dalvik VM, other apps’ IPC endpoints and
the underlying OS. drozer provides tools to help you use and share
public Android exploits. It helps you to deploy a drozer agent by using
weasel – MWR’s advanced exploitation payload.
21. WifiKill:– Second app, developed also by
B.Ponury is an app which can kill connections and kick site-hoggers from
the site. This app definitely kick then net user from the site so he
cannot use it anymore. The app also offers the list of viewed sites by
the hogger.
22. DroidSniff:– Similar to DroidSheep but with a
newer and nicer interface is DroidSniff – sniffing app not only for
Facebook. This app shows you what is the hogger looking for and then you
can “take” his control, steal the cookies and rock’n’roll. Works
perfectly.
23. Network Spoofer:– The last app, called NetWork
Spoofer is very similar to dSploit but it’s more easier to use. Only
hitch is that you need to have at least 500MB of free data. It offers
you a lot of troll features – change Google searches, flip images,
redirect websites, swap YouTube videos and others.
24. Droid SQLI:- allows you to test your MySQL based
web application against SQL injection attacks. DroidSQLi supports the
following injection techniques: Time based injection, blind injection,
error based injection, normal injection.
25. sqlmapchik:- is a cross-platform sqlmap GUI for the extremely popular sqlmap tool.
26. Whatsapp viewer:- is a simple forensic tool. It gives the access to whatsapp chat directly from sqlite databases, even from encrypted databases.
27. WhatsAPI:- Is a platform that allows you to send bulk messages through PHP. The script itself is simple.
