Android is one of the most customizable and ‘open’ operating systems on the market today. Thanks to this, it is now found on nearly every kind of device, from smartphones and tablets to TVs and watches.
This is also why Android is so appealing to ‘techies’ – including hackers. Whether you’re an ethical hacker, someone who finds the concept of hacking fascinating, or someone just looking to expand their repertoire of tech skills, Android is a great place to start flexing those hacking muscles.
In this post, we’re going to look at ten of the very best hacking apps for Android to get you started.
1. AndroRAT
https://github.com/wszf/androrat
AndroRAT is one of the most popular hacking tools on Android. It stands for Remote Administrative Tools and is a free hacking tool that acts as a client/server application. This will give you control over an Android system remotely so that you can retrieve information. It runs as a service on boot, meaning that the user won’t need to manually load it, or even interact with it in any way. Best of all, you can trigger the server connection via a call or SMS.
In other words then, you’re going to need to somehow install the application client-side, and also allow all permissions. But if you can do that, then you’re going to be able to collect contacts, call logs, location data, messages and more from anywhere.
As is so often the case, the real vulnerability needs to be the wetware.
2. zANTI
https://www.zimperium.com/zanti-mobile-penetration-testing
This is a well-known Android hacking suite that comes from Zimperium. The software provides a range of different tools that can be used for penetration testing. It lets you easily scan a network and then simulate a hacking environment to detect openings.
This will basically bring the power of Backtrack to your Android, sniffing the websites being visited along with their cookies, and more.
3. Hackode
https://play.google.com/store/apps/details?id=com.techfond.hackode
Hackode is once again a collection of different hacking tools for ethical hackers, systems administrators, and others. The three modules are reconnaissance, scanning, and security feed. You’ll be able to use SQL Injection, Whois, DNS Lookup, DNS Dif, and more.
SQL injection is basically a technique for sending unauthorized requests to a database through a field where you have been invited to input data, such as a form. The code then interprets what you typed as your username or password as part of a valid request, and thereby returns private data or helps you to break into the system. It can even destroy the database.
This tool will provide a great starting point for those just learning, and it wins points for not needing your private details to work. Oh, and no root required!
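The SQL injection mechanism described above, shown as a login query built by string pasting next to the same query with bound parameters. This is an added example, not code from Hackode or from the original post; the table, the function names and the sample accounts are made up for illustration.

```python
import sqlite3

def make_db():
    # Constructed toy table; a real system would store password hashes, not plaintext.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "correct-horse", "alice@example.test"),
        ("bob", "battery-staple", "bob@example.test"),
    ])
    return db

def login_vulnerable(db, username, password):
    # Form input is pasted into the SQL text, so a quote in it rewrites the query.
    query = ("SELECT email FROM users "
             "WHERE username = '%s' AND password = '%s'" % (username, password))
    return [row[0] for row in db.execute(query)]

def login_safe(db, username, password):
    # Placeholders send the input as data; it can never become SQL syntax.
    query = "SELECT email FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in db.execute(query, (username, password))]

if __name__ == "__main__":
    db = make_db()
    form_input = "' OR '1'='1"  # typed into the password field
    print("vulnerable:", login_vulnerable(db, "alice", form_input))
    print("safe:      ", login_safe(db, "alice", form_input))
    print("safe, real password:", login_safe(db, "alice", "correct-horse"))
```

With the pasted-string version the condition becomes always true and every row comes back; the parameterized version returns nothing for the same input and still accepts the real password.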
4. FaceNiff
FaceNiff is for sniffing and intercepting WiFi network traffic. It has found a lot of popularity among hackers as a way to snoop into others’ social media sites (like Facebook and Twitter). It works by stealing cookies from the WiFi network, which can then provide access to the unsuspecting user’s account.
The thing that many users don’t realize is that public and other open WiFi networks actually broadcast in all directions with no encryption. That means that all your passwords, all your emails, and any other packets of data are sent not only to the router, but also out into the open air. Most modems are set to ignore this information and to simply communicate back and forth directly with the routers for their own purposes. However, if you set your modem to ‘monitor mode’, then you can observe and intercept this data.
This is how a number of the hacking apps on this list work – and it’s something that you need to defend against yourself if you use public WiFi.
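On the defensive side, a session cookie can only be read off an open network if it ever travels without TLS, so a site owner can audit which cookies are exposed. The check below is an added example, not part of the original post; the URLs, cookie values and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample: (URL that answered, its Set-Cookie header values).
RESPONSES = [
    ("http://shop.example.test/login", ["sessionid=3f9a; Path=/; HttpOnly"]),
    ("https://mail.example.test/login", ["sid=77c1; Path=/; HttpOnly"]),
    ("https://bank.example.test/login",
     ["auth=9be2; Path=/; Secure; HttpOnly; SameSite=Lax"]),
]

def parse_set_cookie(header):
    """Split one Set-Cookie value into (cookie name, {attribute: value})."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()
    return name, attrs

def sniffable_cookies(responses):
    """Return (cookie name, reason) for cookies that can cross the air in cleartext."""
    findings = []
    for url, headers in responses:
        scheme = urlsplit(url).scheme
        for header in headers:
            name, attrs = parse_set_cookie(header)
            if scheme != "https":
                # The cookie is already visible in this very response.
                findings.append((name, "set over plain HTTP"))
            elif "secure" not in attrs:
                # The browser will attach it to any later http:// request to the host.
                findings.append((name, "HTTPS page but no Secure attribute"))
    return findings

if __name__ == "__main__":
    for name, reason in sniffable_cookies(RESPONSES):
        print(f"{name}: {reason}")
```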
5. Droidsheep
https://forum.xda-developers.com/showthread.php?t=1593990
Droidsheep is a hacking app that can be used by security analysts interested in playing with WiFi networks. The app can hijack web session profiles over a network, so as long as you’re connected to the same network you’ll be able to sniff LinkedIn, Twitter, Facebook… you name it. DroidSheep Guard, meanwhile, is a variation on the same idea that will allow you to detect ARP spoofing on networks, acting as a defense against apps like Droidsheep.
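One common heuristic for spotting ARP spoofing is to watch the device's ARP table for the gateway's MAC address changing, or for one MAC answering for several IPs. The sketch below is an added example and not DroidSheep Guard's own code; the table contents and function names are constructed, using the layout of Linux's /proc/net/arp.

```python
from collections import defaultdict

# Constructed snapshot in /proc/net/arp layout (all addresses are made up).
BASELINE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         aa:bb:cc:00:00:01     *        wlan0
192.168.1.23     0x1         0x2         aa:bb:cc:00:00:17     *        wlan0
192.168.1.42     0x1         0x2         aa:bb:cc:00:00:2a     *        wlan0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
# Later snapshot: the gateway's IP now resolves to the MAC that belongs to .42.
SUSPECT = BASELINE.replace("aa:bb:cc:00:00:01", "aa:bb:cc:00:00:2a")

def parse_arp_table(text):
    """Return {ip: mac} for resolved entries; skip the header and incomplete rows."""
    table = {}
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], fields[2], fields[3].lower()
        if int(flags, 16) & 0x2 and mac != "00:00:00:00:00:00":  # 0x2 = resolved
            table[ip] = mac
    return table

def shared_macs(table):
    """MACs claimed by more than one IP (can be legitimate, e.g. multi-homed hosts)."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def check_snapshot(baseline, current, gateway_ip):
    """Compare a trusted baseline with the current table and list what looks wrong."""
    alerts = []
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if old and new and old != new:
        alerts.append(f"gateway {gateway_ip} changed MAC {old} -> {new}")
    for mac, ips in shared_macs(current).items():
        alerts.append(f"{mac} answers for {', '.join(ips)}")
    return alerts

if __name__ == "__main__":
    base, cur = parse_arp_table(BASELINE), parse_arp_table(SUSPECT)
    print(check_snapshot(base, cur, "192.168.1.1"))
```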
6. Nmap
https://secwiki.org/w/Nmap/Android
This is a very powerful network spoofing app that is normally associated with desktop users. It can also be used on Android now though, and works on both rooted and non-rooted phones. It’s a must-have for beginners, opening the doors to one of the most common hacking techniques.
Network spoofing, for the uninitiated, basically means that a phone or computer is ‘pretending’ to be another phone or computer. It can do this by using a false IP address that is usually associated with another computer, and this way it can gain unauthorized access.
7. Express VPN
https://play.google.com/store/apps/details?id=com.expressvpn.vpn&hl=en_GB
There is no reason to choose Express VPN over any other VPN, but the point is that any hacker should be using a VPN. This will keep them safe from attacks from others, while also helping to make their own attacks untraceable. A VPN works by routing your traffic via another server located elsewhere, thereby hiding your activities and cookies from those that would ‘spy’ on your data.
Now the only information being sent between your computer and the public WiFi hotspot is that which is required to use the VPN. A server located somewhere across the world will then send your information to a private router, which won’t be so easy to hack.
8. APKInspector
https://github.com/honeynet/apkinspector/
This one is a little different and works by allowing you to perform a range of reverse engineering tricks. It basically allows you to get the source code from a number of Android apps, visualize DEX code, and find potential security flaws in those apps.
9. Shark for Root
http://www.mediafire.com/download/c654s093zk4898m/Shark-lv.n3o.shark-102-v1.0.2.apk
Shark for Root is one of the more advanced tools on this list that is often used by security experts. It works as a traffic sniffer and can be used over Wi-Fi, 3G, or FroYo tethered mode. You can also use the tcpdump command if you have an Android device.
10. Linux Deploy
https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy&hl=en_GB
Any hacker knows that while Android is versatile, it is really Linux that is the best operating system of all for hacking. And in fact, a large number of the most popular hacking tools out there are designed for Linux first and foremost.
The good news? You can actually install Linux on Android. And no, I’m not talking about the ill-fated touch-friendly mobile Linux. Nor am I talking about some lame approximation of Linux. I’m talking full-fat Linux, in any distribution that you like (you’ll want Kali).
You will need root. And from there, you’ll need Linux Deploy which will let you download a select Linux distribution. You’ll then need to use something like VNC Viewer in order to actually view the GUI. But once you’ve done that, you can use Linux just as though you were running it on a desktop computer. You can even hook up a Bluetooth keyboard and mouse!
So, if you didn’t find what you were looking for on this list, well, now you can find any hacking tool you can think of!
Closing Thoughts
These are just some of the best hacking apps available on Android. In fact, there are actually many more out there for those that are interested in learning more about this fascinating world, developing their careers as ethical hackers, or learning to protect themselves and their organizations against unwanted attacks.
The best part? Android devices come in so many shapes and sizes that you can turn practically any television, smartphone, tablet, or watch into a powerful tool that will give you a huge advantage in our digital world.
What are some of your favorite Android hacking apps? Write them down in the comments.