Top Android Apps For Hackers

This is the body of your page.

As Android has emerged as the top mobile operating system, we have seen a great rise in the Android hacking apps. For our readers, we have prepared a list of the best hacking apps for Android that can be used by a technology enthusiast, an IT security administrator, or an ethical hacker.

Based upon the industry reviews and our own experience, here is a compilation of the top Android hacking applications. Along with the description of apps, we have provided the relevant website and download links to help you get started instantly.

Disclaimer: Please note that Website is publishing this list just for educational purposes. We don’t support use of any tool to indulge in some unethical purposes.

Best Hacking Apps For Android Phones – 2016

• AndroRAT

AndroRAT stands for Android and RAT (Remote Administrative Tools). This top hacking tool was released a long time ago as a client/server application. The app aims to give you the control of the Android system remotely and fetch the information from it. This Android app runs as a service right after the boot. So, a user doesn’t need to interact with the service. The app provides you the ability to trigger the server connection by a call or SMS.

The features in this useful Android hacking app include collecting information like contacts, call logs, messages, and location. The app also allows you to remotely monitor received message and state of phone, making a phone call and sending texts, taking picture from camera, opening URL in the default browser etc.

—  Androrat

• Hackode

Hackode is an Android app which is basically a collection of multiple tools for ethical hackers, IT specialists, and penetration testers. In the app, there are three modules –Reconnaissance, Scanning, Security Feed — available in the application.

With this app, you get the functionalities like Google hacking, SQL Injection, MySQL Server, Whois, Scanning, DNS lookup, IP, MX Records, DNS Dif, Security RSS Feed, Exploits etc. It’s a great Android hacking app to start with and it doesn’t ask for your private information to operater.

— Hackcode

• zANTI

zANTI is a reputed Android hacking suite from Zimperium. This software suite comes with multiple tools that are widely used for penetration testing purposes. This mobile penetration testing toolkit allows the security researchers to scan a network easily. This toolkit allows the IT administrators to simulate an advanced hacking environment to detect multiple malicious techniques.

zANTI could be called an app that brings the power of Backtrack on your Android device. As soon as you login into zANTI, it maps the entire network and sniffs the websites being visited along with their cookies — thanks to ARP cache poisoning on devices.

The various modules in the app are network mapping, port discovery, sniffing, packet manipulation, DoS, MITM, and more.

— zANTI

• FaceNiff

FaceNiff is a top Android hacking app that allows you to intercept and sniff your WiFi network traffic. This tool is widely used to snoop into people’s Facebook, Twitter and other social media websites using your Android device. This hacker-favorite tool steals cookies from WiFi network and gives an attacker an unauthorised access to victim’s account.

FaceNiff is developed by Bartosz Ponurkiewicz — the same developer who wrote Firesheep for Firefox hacking on desktop.

— FaceNiff

• Droidsheep

Droidsheep is an effective hacking app developed for security analysts interested in playing with Wi-Fi networks. The app has the ability to hijack the web session profiles over a network and it works with almost all services and websites.

As you fire up the Droidsheep app, it acts a router that monitors and intercepts all the Wi-Fi network traffic and fetches the profiles of active sessions. With this app, one can sniff Facebook, LinkedIn, Twitter and other social media accounts.

DroidSheep Guard, another version of app, helps you to detect ARP-Snoofing on the networks i.e. the attacks by FaceNiff, Droidsheep, and other software.

— Droidsheep

• DroidBox

DroidBox is an app that offers dynamic analysis of Android applications. Using the app, one can get a wide range of results about the hashes for the APK package, network traffic, SMS and phone calls, information leaks via different channels etc.

This top Android hacking application also gives you the ability to visualize the behaviour of an Android app package.

— DroidBox

• APKInspector

APKInspector is an app that allows you to perform reverse engineering tricks. With this app, you can get the graphic features and analysis functions for the users to get a deep insight. This powerful Android hacking tool helps you get the source code of any Android app and visualize the DEX code to erase the credits and license.

— APKInspector

• Nmap

One of the most popular network scanning apps for desktop can also be used on Android operating system. Nmap works on both non-rooted and rooted phones. If you are a beginner Android hacker, this hacking app app is a must have.

— Nmap

• SSHDroid

SSHDroid is a SSH server implementation developed for Android that allows you to connect your Android device to a PC and run commands like ‘terminal’ and ‘adb shell’ and edit files. It provides an extra security later when you are connecting to a remote machine.

The app provides features like shared-key authentication, WiFi autostart whitelist, extended notification control etc,

—  SSHDroid

Hacking Mobile Number

Duplicate/Create And Send SMS By It 

Welcome,This is my First post about mobile hacking,In this post,We are going to create any mobile number (police,fire department,ex-girlfriends,etc) and send messages,Sure this method has only 75% success rate,but it works like a charm for the most time.In spoofing attack the attacker (you)  make himself a source or desire address.This post is only for education purposes,and this trick can be traced back to the source very easily,So don't create a scene.

So What Do WE Need :

#SET-Social Engineering Toolkit, Available On Backtrack. 

#Brain-To Sense what is wrong and what is right,And to follow this procedure.

Step 1 :

Open "Social Engineering Toolkit" in Backtrack 5 (mine OS)  by Opening your backtrack console & Typing 

cd /pentest/exploits/set

Step 2 :

Once the directory is opened,Type "./set" to fire up the social attacking kit.

Step 3 :

Now select option number 7.This module allows you to specially craft SMS messages and send them to a person. You can spoof the SMS source if you want to,its not that hard.

Step 4 :

Now select option 1 "Perform a SMS Spoofing Attack”

Step 5 :

Select how the "spoofed-sms" should distribute,you could send it to many people or just one,Your choice.

Step 6 :

Now you need to enter the number of the receiver (victim), make sure to enter with country code.Example : +9188260xxxxx for India,

Step 7 :

Now select 1 for pre-defined Templates,that is helpful to newbies, of-course you can create your own.

Step 8 :

On this step you need to choose the templates,I will choose the "Boss" one,you can use according to your situation.

Step 9 :

Now you need to select the service which will send that crafted SMS you created,You can choose whatever-the-hell you want,If you have an Android Emulator that is just great.

Step 10 :

POOF ! You just send an spoofed message,which is capable of stopping war or creating it,depends on you.

DNS Hijacking

How to Spoof DNS on a LAN to Redirect Traffic to Your Fake Website

Welcome back, my novice hackers!

There are SOOOO many ways to hack a system or network, which means you need to think creatively in order to be successful.

Many novice hackers focus way too much energy on cracking passwords(which should be a last resort unless you have specialized tools or a 10,000 machine botnet) or exploiting a vulnerability in an operating system (increasingly rare). With all the protocols that computer systems use (DNS, SMTP, SMB, SNMP, LDAP, DHCP, etc), there is bound to be a vulnerability in one that we can exploit to get what we're after.

DNS Spoofing: Redirecting Users to Your Website

In this hack, we will be exploiting the Domain Name Service (DNS). As you know, DNS is used for domain name resolution or converting a domain name such as wonderhowto.com to an IP address, 8.26.65.101. If we can mess with this protocol, we could very well send some one looking for a domain name such as bankofamerica.com to our malicious website and harvest their credentials.

Dug Song of the University of Michigan developed a suite of hacking tools that are excellent for this purpose. We have already used one of his tools,arpspoof, for doing a man-in-the-middle attack. In this attack, we will be using his dnsspoof tool, which will enable us to spoof DNS services on a local area network.

Remember, even though this hack requires that you be on the same LAN, you could get access to the LAN through a remote vulnerability or a weak password on just ONE machine on the network. In institutions with thousands of computers on their network, that means you must find a single machine that is exploitable to be able implement this attack for the entire network.

Step 1: Fire Up Kali

Let's get started by firing up Kali and going to Applications -> Kali Linux -> Sniffing -> Network Sniffers, and finally, dnsspoof, as seen in the screenshot below.

Step 2: Open Dnsspoof

When you click on dnsspoof, the following terminal opens. Notice how simple the syntax is.

• dnsspoof -i <interface> -f <hostsfile>

Step 3: Set Up for Sniffing

We will trying to get a Windows 7 system on our network to redirect itsbankofamerica.com navigation to our own website. Let's use Google Chrome, or any browser, to navigate there.

Step 4: Flush the DNS Cache

First, we need to flush the DNS cache of the Windows 7 system. In this way, the Windows client won't use the cached DNS on the system and will instead use our "updated" DNS service. In reality, this step is not necessary, but for our demonstration it speeds things up.

First, close the browser and type:

• ipconfig /flushdns

Now we need to set our network card on our Kali server to promiscuous mode (she, your network card, will accept anyone's packets).

• ifconfig eth0 promisc

Now we need to kill the connection between the Windows 7 system and [www.bankofamerica.com]. This forces the Windows 7 machine user to re-authenticate.

• tcpkill -9 host [www.bankamerica.com]

After killing www.bankofamerica.com, stop the tcpkill with a ctrl c.

Step 5: Create Hosts File

In my Linux tutorial on client DNS, I showed you how the hosts file in Linux acts like a static DNS. Here we will be using the hosts file to redirect that Windows 7 system's search for Bank of America to our website. Let's go to the /usr/local directory.

• cd /usr/local

From there, let's open the hosts file in any text editor. Kali doesn't have kwrite that we had been using in BackTrack, but it does have a graphical VIM, or gvim, so let's use that.

• gvim hosts

Now that we have the hosts file open, we need to add the following line to it. Remember, the hosts file is simply mapping an IP address to a domain name, so we put our IP address in and map it to [www.bankofamerica.com].

• 192.168.1.101 www.bankofamerica.com

It's important here to use the TAB key between the IP address and the domain. Spaces will be interpreted by the system to be part of the domain name.

Step 6: Create a New BOA Webpage

Before we go any further, we now need to turn off promiscuous mode on our network card (she decided to commit to you and only you).

• ifconfig eth0 -promisc

Now we need to create a website that the user will be directed to when they type bankofamerica.com in the URL of their browser. Let's create a simple webpage. If you want more info on how to create a simple webpage and host it in Linux, check out my Linux guide on Apache web servers.

Now open the index.html.

• gvim /var/www/index.html

This is what it looks like by default. We want to change it and put in the following html and save it.

<html>
<body> <h1>This is the Fake Bank of America Web Site! </h1>
</body>
</html)>

Of course, if you really wanted to pull off this hack, you would want to take the time to build a website that looks and acts just like the site you're spoofing, but that is another tutorial entirely.

Step 7: Start a the Apache Web Server

Now, start the web server built into Kali. This is Apache and the service is HTTP, so we go to Kali Linux -> System Services -> HTTP, and finally,apache2 start. This will start our web server on our Kali system hosting the fake Bank of America website.

Step 8: Start Dnsspoof

In our last step, we need to start dnsspoof and direct users to the entries in our "hosts" file first. Dnsspoof will intercept DNS queries and send them first to our hosts file before then sending them along to the DNS server. In this way, if we have any entry in our hosts file that the client is looking for, it will directed as specified by our hosts file.

Remember, we mapped bankofamerica.com to our IP address so that they will go to OUR web server and see OUR website.

• dnsspoof -f hosts

Step 9: Navigate to BOA from Windows 7

Now, from the Windows 7 system, type in the URL bankofamerica.com and it will pull up our fake website vs. the real Bank of America site.

Now, when anyone on the local area network attempts to navigate to the Bank of America website, they will instead come to our website!

As you can imagine, with dnsspoof in place, we can wreak all kinds of havoc on a LAN!

How to Hide Your IP Address?

Every computer on the Internet has a unique IP address allotted to it which makes it possible to trace it back to its exact location. Even though the concept of IP address has been designed for its transparency and traceability, in some cases this questions the privacy of the Internet users where one would not like to reveal his/her identity to the outside world.

Well, if you are one such person who is in search of ways to hide your IP address, then you are at the right place. In this post, I will discuss some of the easy and popular ways to mask your IP address so that your identity and privacy is kept safe.

Why Hide IP Address?

The following are some of the common reasons why people want to mask their IP address online:

1. By hiding the IP address, people can browse websites anonymously without leaving the trace of their identity.
2. To access websites and portals that are not available to the IP address’s Geo location.
3. Stay safe from intruders and hackers by showing a fake IP to the world.
4. Hiding IP means hiding geographical location.
5. Hiding IP prevents leaving a digital footprint of their online activity.

How to Hide Your IP?

Some of the most common ways to hide IP and safeguard your online identity are discussed below:

1. Using a VPN Proxy – The Safe and Secure Way to Hide Your IP

Using a trusted VPN service is the best way to conceal your IP address during your online activities. Here is a list of most popular and highly reliable VPN services that you can go for:

Hide My Ass VPN  Hide My Ass is one of the most popular and trusted VPN service that allows people to easily conceal their IP address and protect their online privacy.

VyprVPN VyprVPN offers the world’s fastest VPN services to make it possible for its clients easily conceal their real IP and supports wide range of operating systems including Windows, Mac, Android and iOS.

The following are some of the advantages of using a VPN service over any other method of concealing your IP address:

1. In addition to hiding your IP, a VPN service encrypts all your web traffic to keep you safe from hackers and intruders.
2. Unlike other IP hiding methods (discussed in the latter part of this article) which affects your speed of browsing, a VPN service keeps your Internet speed fast without affecting its performance.
3. You have a long list of countries and states to select your IP address from as your place of origin. For example, if you are originally from United Kingdom, you may choose an IP address that belong to United States so that the websites that you visit will see you as from US and not UK.
4. By selecting an IP address of your choice, you can easily bypass location blocks and even access restricted websites that are not available for your country.

2. Website Based Proxy Servers

This is another popular way to quickly mask IP address on the Internet. Since it is a web based service, users need not have to install any piece of software program on their computer. The following are some of the popular websites that offer free services to obscure your IP address:

• www.hidemyass.com
• www.newipnow.com
• www.anonymouse.org

The downside of using these free services to mask your IP address is that most of them become overloaded and are too slow to use. In addition, some of them will not offer a secured connection (SSL) and you will often be presented with annoying ads and pop-ups during the course of your browsing.

3. Browser Configured Proxy Servers

There are hundreds of freely available open proxies that can be found on the Internet. You can obtain the IP address of one of those freely available proxy servers and configure your browser to start hiding your original IP address. However, as they are openly available to public, most of them are either dead or perform too slow under normal conditions.

Which Service to Choose?

I have made my sincere attempt to present readers with all the available options to successfully hide the IP address on their computers. If you only want to conceal your IP address for a specific amount of time and are not concerned with the performance, go for the free web based services. On the other hand, if you have the necessity to hide your IP on a regular basis, need high security and performance, go for paid VPN services like Hide My Ass or VyprVPN.