If you are geek enough to pentest every wireless network you connect, we got an app for you.
dSploit is an Android based network analysis & penetration suite. It is a comprehensive toolchain which can be used by anyone in order to perform a number of advanced network analysis and Pentests. dSploit contains a number of powerful functions for IT security experts/geeks, but is easy enough for just about any one to perform exploits.
dSploit allows you to analyze, capture, and manipulate network packets. You can scan networks for connected devices like other smartphones, laptops, & identify the operating system, running services and open ports on each device. Once open ports are known, you can go further by checking open ports for vulnerabilities. These features together make dSploit the most complete and advanced professional toolkit to perform network security assesments on any mobile device, ever.
Other than analysis, dSploit even allows man in the middle attacks for a number of network protocols i.e. you can monitor and inject packets into the network and spoof your identity. In simpler words, it allows you to intercept wireless network traffic and mess it with in the way you want. You can poison the DNS, for example, so that your family members go to Google+ everytime they try open facebook, or replace all the images with a custom PWNed/funny image. The ideas are what limit you, possibilities of fun are endless.
You can also trigger a DoS attack (Denial of services) in which your family and friends would lose Internet connectivity. Everytime they try accessing a webpage, instead of loading the page, it would redirect to your custom webpage that displays a “You’ve be PWNEed” message. If you ain’t ethical enough, you can even indulge yourself in sniffing and capturing login passwords, web forms etc.
dSploit also allows you to create a Map of your Network, and then fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing (with protocol filters), real time traffic manipulation, etc.
dSploit is like Metaspl0it framework from desktop world as it is very pluggable. As of now app is in beta stages with few modules, expect more in the future.
Launch the http://routerpwn.com/ service to pwn your router.
- Port Scanner
A syn port scanner to find quickly open ports on a single target.
Performs target operating system and services deep detection, slower than syn port scanner but more accurate.
- Vulnerability Finder
Search for known vulnerabilities for target running services upon National Vulnerability Database.
- Login Cracker
A very fast network logon cracker which supports many different services.
- Packet Forger
Craft and send a custom TCP or UDP packet to the target.
A set of man-in-the-middle tools to command&conquer the whole network.
- Simple Sniff
Only redirects target’s traffic through the device ( useful when using a network sniffer like ‘Sharp’ for Android ) and shows network stats.
- Password Sniffer
Sniff passwords of many protocols such as http, ftp, imap, imaps, irc, msn, etc from the target.
- Kill Connections
Kill connections preventing the target to reach any website or server.
- Replace Images
Replace all images on webpages with the specified one.
- Replace Videos
Replace all youtube videos on webpages with the specified one.
- Script Injection
- Custom Filter
Replace custom text on webpages with the specified one.
- Simple Sniff
- At least Android 2.3 ( Gingerbread )
- The device must be rooted
- The device must have a BusyBox full install, this means with every utility installed ( not the partial installation ).
Download [github] App isn’t allowed on Play store.
checkout the XDA thread for updates.
You can also checkout Pen Test Tools List app for all Pentesting Android apps. [Play Store]