Sunday, August 24, 2014

Android App Security / Vulnerability Scanner

Bluebox Security Scanner:

                                        will scan your device to determine:
- If your system is vulnerable or patched to any of the "Fake ID" or "Master Key" security flaws affecting most Android devices
- If your system settings allow 'Untrusted Sources' application installs
- If any installed application on your device is trying to maliciously take advantage of any of the 'Master Key' security flaws.

Further details of the Android "Fake ID" and "Master Key" security flaws are available

Download Link :

 eEye Android Scanner:
                                  eEye Digital Security, the security industry's most trusted name in vulnerability assessment has brought their expertise to your Android phone.
Did you know that more than 80% of employees now use personal smartphones for work-related purposes? Every day these devices access email, games, and work related material
and are unchecked by your businesses' standard vulnerability management processes.
Until now, one of the biggest challenges for consumers and information technology security teams was they inability to determine potential vulnerabilities on their mobile assets as they do their servers and desktops. Watch the video below to see how Retina CS is solving that problem and how users can download the tool for free to check their own devices.
Benefits of Mobile Security in Retina CS to extend the benefits of this free agent:
Retina CS is the first and only product to integrate mobile device assessment and vulnerability management for complete visibility and context on all vulnerabilities ­ so that your team can discover, prioritize, and fix weaknesses quickly.

* Reduce overall IT security risk by extending vulnerability management to your BlackBerry, Android and ActiveSync-managed mobile devices
* Reduce resource demands by automating vulnerability assessment for mobile devices with in-depth scanning.
* Simplify and improve IT security by managing mobile devices and all other assets through a single, Web-based console.
* Gain greater visibility through vulnerability profiles of mobile devices accessing your network.
* Streamline remediation through advanced threat prioritization according to severity of mobile vulnerabilities.Use built-in and custom audits to scan for weaknesses in mobile device hardware, applications, and configurations.
* Report on mobile device vulnerabilities and demonstrate compliance.

Download Link :

Belarc Security Advisor:
                                     does this by automatically checking your Android tablet or phone for over 400 security vulnerabilities in both the operating system and installed apps, and gives you the result in seconds as to which ones are vulnerable and need to be updated. The Security Advisor also works with all other security apps such as anti-virus and anti-malware apps.
Download Link :
Drozer :
          helps to provide confidence that Android apps and devices being developed by, or deployed across, your organisation do not pose an unacceptable level of risk. By allowing you to interact with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. 

Drozer provides tools to help you use and share public exploits for Android. For remote exploits, it can generate shellcode to help you to deploy the drozer Agent as a remote administrator tool, with maximum leverage on the device.

Faster Android Security Assessments

drozer helps to reduce the time taken for Android security assessments by automating the tedious and time-consuming.
  • Discover and interact with the attack surface exposed by Android apps.
  • Execute dynamic Java-code on a device, to avoid the need to compile and install small test scripts.
Download Link :
TrustGo Mobile Security :
                                protects you from today's most dangerous malware and viruses PLUS apps that can steal your personal privacy, identity and data. In addition, TrustGo offers "Find My Phone" features including remote location, lock, alarm and "Candid Camera" thief ID (via email), system tools and web browsing security...all in one totally Free package.
TrustGo detects and removes all the latest malicious apps and viruses, and is the only security app that protects your privacy and data from High Risk apps that others miss.

TrustGo has achieved West Coast Labs’ Checkmark Certification! It is one of the best products in malware detection test by AV-Comparatives
Key Features:
Security Scanner - On-demand or scheduled scans of your mobile phone or tablet and SD card to find and remove viruses, malware, spyware and trojans PLUS risky apps that can steal your data.
Secure App Search - Our Secure App Finder Engine (SAFE) lets you search and download apps that you know are safe. TrustGo alerts you before downloading bad and risky apps. 
Download link :

 PenTest Tools List:
             is a list of android apps for penetration testing.IT IS JUST A LIST, DON'T EXPECT ANYTHING MORE THAN THAT (sorry for all caps, but some people expect matrix meets mission impossible... and give a bad rating when their expectations are not met :) )
Please read the description...
Penetration test is used to test security of something. (if that something passes penetration test, there is a higher chance that hacker cant hack into it)

Apps are sorted with Tags.
Links to Apps on the Play Store.
Links to Apps that are NOT on the Play Store
Links to Source Code of Open Source Apps
Links to App websites.
Links to Google the name of the App or App Package.

 Download Link :


Saturday, August 23, 2014

Remote & Local file Inclusion Testing Tools


              A little tool for local and remote file inclusion auditing and exploitation.

              Fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It's currently under heavy development but it's usable.

              The goal of fimap is to improve the quality and security of your website.

What works currently?

  • Check a Single URL, List of URLs, or Google results fully automaticly.
  • Can identify and exploit file inclusion bugs.
    • Relative\Absolute Path Handling.
    • Tries automaticly to eleminate suffixes with Nullbyte and other methods like Dot-Truncation.
    • Remotefile Injection.
    • Logfile Injection. (FimapLogInjection)
  • Test and exploit multiple bugs:
    • include()
    • include_once()
    • require()
    • require_once()
  • You always define absolute pathnames in the configs. No monkey like redundant pathes like:
    • ../etc/passwd
    • ../../etc/passwd
    • ../../../etc/passwd
  • Has a Blind Mode (--enable-blind) for cases when the server has disabled error messages. BlindMode
  • Has an interactive exploit mode which...
    • ...can spawn a shell on vulnerable systems.
    • ...can spawn a reverse shell on vulnerable systems.
    • ...can do everything you have added in your payload-dict inside the
  • Add your own payloads and pathes to the file.
  • Has a Harvest mode which can collect URLs from a given domain for later pentesting.
  • Goto FimapHelpPage for all features.
  • Works also on windows.
  • Can handle directories in RFI mode like:
    • <? include ($_GET["inc"] . "/content/index.html"); ?>
    • <? include ($_GET["inc"] . "_lang/index.html"); ?>
    • where Null-Byte is not possible.
  • Can use proxys.
  • Scans and exploits GET, POST and Cookies.
  • Has a very small footprint. (No senseless bruteforcing of pathes - unless you need it.)
  • Can attack also windows servers! (WindowsAttack)
  • Has a tiny plugin interface for writing exploitmode plugins (PluginDevelopment)
  • Non Interactive Exploiting (FimapNonInteractiveExec
 Download Link :

             is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.

Uniscan is a Remote File Include and Local File Include and Remote Command Execution vulnerability scanner.

This tool identify six vulnerability :-

* Blind SQL-Injection

* Remote File Include (RFI)

* Local File Include (LFI)

* Remote Command Execution (RCE)

* Cross-Site Scripting (XSS)

* SQL-Injection (SQL-i)

Download Link :
                       This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server.


  • scan sql injection, rfi, lfi, blind sql, rce injection
  • autosql injector
  • proxy support
  • verbocity added
  • autoftp bruteforcer
  • IP or Proxy checker and GeoIP

 Download Link :

 Simple Local File Inclusion:

The Simple Local File Inclusion Exploiter helps you to exploit LFI vulnerabilities. After you found one, simply pass the URL of the affected website and the vulnerable parameter to this tool. You can also use this tool to scan a parameter of an ULR for a LFI vulnerability.

./ –exploit-url= –vulnerable-parameter=

Usage example
./ –exploit-url= –vulnerable-parameter=file

Usage notes
- Always use http://….
- When you pass a vulnerable parameter, this tool assumes that it is really vulnerable.
- If you do not know if a parameter is vulnerable, simply pass it to this script and let the scanner have a look.
- Only use one vulnerable parameter at once.
- This tool does not work with SEO URLs, such as
- If you only have a SEO URL, try to find out the real URL which contents parameters.

Feature list
- Provides a random user agent for the connection.
- Checks if a connection to the target can be established.
- Tries catch most errors with error handling.
- Contains a LFI scanner (only scans one parameter at once).
- Finds out how a LFI vulnerability can be exploited (e.g. directory depth).
- Supports nullbytes!
- Exploit features: Dumps a list of interesting files to your hard disk.
- Supports common *nix targets, but no Windows systems.

Download Link :


Thursday, August 7, 2014

Network Packet Capture / Protocol Analyzer Tools

               is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible.Wireshark can capture traffic from many different network media types - and despite its name - including wireless LAN as well. Which media types are supported, depends on many things like the operating system you are using

Download Link :

          is the name for a family of packet analyzer developed by Colasoft for network administrators to monitor, troubleshoot and analyze wired & wireless networks. Currently, there are three editions available: Capsa Enterprise Edition, Capsa Professional Edition, and Capsa Free .

Freeware Network Analyzer (Packet Sniffer) for students, teachers, computer geeks and other non-commercial purposes.

Download Link :

                        is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.

Download Link :

                is a cross-platform packet capture framework for the .NET environment, based on the famous pcap / WinPcap libraries. It provides an API for capturing, injecting, analyzing and building packets using any .NET language such as C# and VB.NET.

Download Link :

 PacketSquare (CapEdit):
                                     is a free and open-source pcap-based network protocol testing tool.[1] It is used for testing network devices (IDS/IPS, firewall, routers switches etc.,), network troubleshooting, analysis, software and communications protocol development, and education.

A GUI PCAP Based Network Protocol Testing Tool.

Download link :